
SG210 - adding a FTTP connection for all traffic except VOIP

Hi,

We have a Sophos SG210 UTM which has 1 NIC configured for Internal LAN and another NIC configured for a FTTC DSL WAN connection. Until now this WAN connection has been used for all internet traffic (Browsing, 365 Exchange Online, Site-Site IPSEC VPN, Remote Dial in SSL VPN).

We now have a 100/100 Mbps FTTP WAN connection available and we would like to use this connection for everything except our VOIP phones - we would like to dedicate the FTTC connection for just the phones.

I have configured NIC 5 with the PPPoE details of the FTTP connection but haven't enabled it yet. Uplink balancing was automatically enabled when I added this configuration with both FTTC & FTTP connections set as Active Interfaces.

Do I need to set up Multipath Rules to achieve what I have outlined above?

Any info to give me a head start would be greatly appreciated. 

Thanks in advance for any help offered!

Paul.



  • Haigh Paul and welcome to the UTM Community!

    Yes, two Multipath rules:

    1. {phones} -> {your VoIP ports or Any} -> Internet IPv4 : Bind to FTTC
    2. Any -> Any -> Internet IPv4 : bind to FTTP

    Depending on your VoIP provider, you may want to have them route traffic to you to the FTTP connection if the FTTC connection is non-responsive.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks very much Bob - that makes sense.

    The telephone company have confirmed to me that ALL VOIP traffic effectively originates at the onsite PBX so {phones} in your example will be the PBX.

    So, are the multipath rules sequential? I.e. if rule 1 doesn't apply (device is not a phone) the firewall will go on to rule 2 etc.?

    I'll be testing today at 1630 so will let you know how it goes!

  • Right, Paul - anytime you see an ordered list in WebAdmin, the rules are processed sequentially until the packet qualifies for one and then no further rules are considered.

    Cheers - Bob

     
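The first-match behaviour described in the replies above, as an added example that is not part of the thread and is not Sophos code: a small model of the two Multipath rules showing which uplink a source is bound to, and how reversing the order leaves the VoIP rule shadowed. The PBX and workstation addresses and the rule names are constructed; the service is simplified to Any and the Internet IPv4 destination is left out.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str    # hypothetical label, not a WebAdmin field
    source: str  # CIDR; "0.0.0.0/0" stands for Any
    bind: str    # uplink that matching traffic is bound to

    def matches(self, src_ip: str) -> bool:
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source)


def select_uplink(rules, src_ip):
    """Walk the ordered list; the first matching rule wins, later ones are ignored."""
    for rule in rules:
        if rule.matches(src_ip):
            return rule.name, rule.bind
    return None, "uplink balancing default"


def shadowed(rules):
    """Rules that can never fire because an earlier rule already covers their source."""
    hidden = []
    for i, rule in enumerate(rules):
        net = ipaddress.ip_network(rule.source)
        if any(net.subnet_of(ipaddress.ip_network(p.source)) for p in rules[:i]):
            hidden.append(rule.name)
    return hidden


# Constructed sample addresses for the on-site PBX and an ordinary LAN client.
PBX = "192.168.1.10"
WORKSTATION = "192.168.1.55"

# Order from the thread: the specific VoIP rule first, the catch-all second.
CORRECT = [
    Rule("voip", "192.168.1.10/32", "FTTC"),
    Rule("everything-else", "0.0.0.0/0", "FTTP"),
]
# Same rules in the wrong order: the catch-all swallows the PBX traffic.
REVERSED = list(reversed(CORRECT))

if __name__ == "__main__":
    for label, rules in (("correct", CORRECT), ("reversed", REVERSED)):
        print(label, "PBX ->", select_uplink(rules, PBX),
              "| workstation ->", select_uplink(rules, WORKSTATION),
              "| shadowed:", shadowed(rules))
```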