Advice on Configuring NAT Masquerading with ISP Failover

Hi all,
I have two ISPs in my Sophos UTM 9: a primary and a secondary line. Currently, I’ve set up masquerading for the primary line using the external interface, which was straightforward.
Now, I’d like to configure masquerading for the secondary line in case the primary one goes down.
My concern is that configuring masquerading for the secondary line might interfere with the current setup, potentially causing service disruption.
I'd appreciate your advice. Ultimately, my question is: if I create two NAT masquerading rules, one for the primary and one for the secondary, will Sophos automatically choose the masquerading rule for the active line?

Mauro

Parents
  • Yes, Sophos automatically choose the masquerading rule for the correct line.

    Also, if both lines are active at the same time (load distribution), every interface is masqueraded with its own interface-IP.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • Yes, Sophos automatically choose the masquerading rule for the correct line.

    Also, if both lines are active at the same time (load distribution), every interface is masqueraded with its own interface-IP.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
No Data