Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 4155 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

interface / Multipath Rules with slow and fast connection

KR15

Hi All

Totally new to the Sophos environment so please be gentle.

We have a Sophos UTM SG125 which was set-up by a previous colleague. This serves a very simple environment which consists of a mail and file server.

We have a Slow ADSL interface with a static IP to facilitate the above.

 

Recently a Fibre connection has been made available to use but this has a dynamic IP set up.

I would like to direct all web surfing (up and down) for three of our five members of the team through the faster fibre connection, but leave all other connections like the mail, file and any other service through the ADSL line (with the static IP) which I believe they need.

I have setup the "Fast Connection" as a new interface and it states that it is connected (UP/Green).

Im trying to setup a Multipath rules that directs web surfing(service) for those specific users(source) by interface, and Bind interface to "fast Connection", but there is nothing available in the dropdown menu.  Is this because I haven't enable Uplink Balancing? 

Im worried that if I enable to uplink balancing I will screw up the the connection from the mail and file server to the Slow ADSL with need to static IP.

 

Apologies for such a simple question, but I have no support network to fall back one.

Cheers All

K



This thread was automatically locked due to age.
  • 0

    Hi K,

    you have to setup two multipath rules one for your mail communication and for web communication.

    But before as you have figured out uplink balacing must be enabled.

    Both of your external interfaces must have an default gateway definied.
    If you do this uplink balacinig will be enabled automaticly.

    Then create the multipath rules
    Any -> SMTP Ports (25,465,587) -> any bound to your external mail interface
    -> advanced option that this rule will not be skipped if interface is down -> tick

    any -> web surfing -> any bound to your external fast connection

    Best Regards
    DKKDG

  • 0 in reply to DKKDG

    Many thanks for your help.

    If I take a back-up of the current settings, and then apply my changes. Is it as easy as just restoring the back up file to roll it back to its current state?

    K

  • 0 in reply to KR15

    Yes. As long as you stay on the same firmware level, you can restore your settings without any problem.

    In case of an update too, but not if you hav.e to downgrade for some reason. So try to get your task completed before doing Up2date firmware upgrade.

    Best

    Alex

    -

  • 0

    Hi K and welcome to the UTM Community!

    You didn't say whether you have a Mail Protection subscription.  If you do, then I wouldn't use DNAT for inbound email.  If you don't have that subscription, then follow the advice you've gotten here, paying attention to #3 in Rulz.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML