Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 16240 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Backup Internet connection with a 4G Ethernet router

Zak_B18 DZ

Hello fellow Sophos users,

Happy to have joined this community as this is my first ever post. I just need little guidance as i'm fairly new to Sophos:

I would like to add a secondary WAN connection (4G) as backup for specific servers that are remotely accessible. We currently have one single LAN with no other subnets or Vlans. I have at my disposal a Huawei 4G wireless router which has 1x Ethernet port (B5328 Model) and since i'm not really familiar enough with Sophos UTM, i would like to get some guidance on how to set this up. What i want to know is, the type of interface for the 4G Router which will be connected via Ethernet one one of the UTM ports and how to set it up as backup for only those specific servers that i mentioned earlier.

I don't know if i made it clear enough but i'd be happy to elaborate on any of these points if you have any questions.

Regards,

Zak



This thread was automatically locked due to age.
Parents
  • 0

    Hello again, 

    I did every step from Sachin's reply but its not really working, just moved the 4g interface from 'Standby' to 'Active':

     

    - Created the secondary WAN interface (Ethernet, Dyn.IPv4 and IPv4 Default GW ticked) and added it in 'Active' in the Uplink Balancing tab.

    - Created the multi-path rule for the servers so that only them can use the 4G Interface:

    Source: MyServers_Group( it's a network group with multiple servers)

    Services: Any

    Destination: Any

    Itf. Persistence: By Interface and specified my 4G Wan Interface

     

    Now what's happening is my whole LAN is using both interfaces to go out and i'm getting some crazy numbers in my dashboard, which is not really my purpose here. There must be some additional config to do? maybe a NAT thing or Policy Route?

     

    Regards, 

    Zak

  • +1 in reply to Zak_B18 DZ

    In this scenario, your top Multipath rule must be one that binds 'Any -> Any -> Any' to the other interface.  That rule would not be necessary if your backup interface were not in 'Active'.

    In either case, if nothing other than the servers should use the backup connection, you need to have at the bottom of the list another multipath rule like the first except that you must de-select 'Skip rule on interface error' in 'Advanced'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • +1 in reply to Zak_B18 DZ

    In this scenario, your top Multipath rule must be one that binds 'Any -> Any -> Any' to the other interface.  That rule would not be necessary if your backup interface were not in 'Active'.

    In either case, if nothing other than the servers should use the backup connection, you need to have at the bottom of the list another multipath rule like the first except that you must de-select 'Skip rule on interface error' in 'Advanced'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
Unfiltered HTML