Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 3522 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can I configure a UTM 9 with 2 wan interfaces on different IP addresses with 2 different LAN network interfaces at the same time. in effect, have 1 UTM filtering traffic on 2 separate WAN's and 2 separate LAN's?

Drew Dumbrell

Can I configure a UTM 9 with 2 wan interfaces on different IP addresses with 2 different LAN network interfaces at the same time.  in effect, have 1 UTM filtering traffic on 2 separate WAN's and 2 separate LAN's?

Can I simply create a additional WAN interface with its interface IP's along with an additional LAN port with its separate IP and keep the 2 networks divided via VLAN on my switch ?  I dont want the 2 different local networks crossing over.

 

What would be the procedures and best practice for accomplishing this ?

 

Thanks in advance for your help



This thread was automatically locked due to age.
  • 0

    Yes you can do that, however remember that once you use web filtering in the UTM that by default over the proxy every network connected to the UTM can communicate with every other network connected to it. When using web filtering you need to make exclusions for this.

    Also you need to add in some rules to specify which LAN should use which WAN and whether or not the other WAN interface can be used in case of a WAN outage.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0

    Hi Drew and welcome to the UTM Community!

    If you want to restrict traffic for each VLAN to a specific WAN connection, see How to change the outgoing interface for Web Filtering.

    Also, you might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address. I also maintain a version auf Deutsch initially translated by fellow member hallowach when he and I did a major revision in 2013.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML