This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

"Backup" SSL VPN over second WAN

As far as I know, setting up the Sophos SSL VPN has one "Interface address" for all profiles. Now, we only have one profile, but I would like to, if possible, set up UTM so that it allows connections over one additional WAN IP (we have two WAN connections from two ISPs, where one of these is acting as a backup).

However, I'm... not sure how to set this up. My initial idea was to set up a NAT routing from "backup IP" to "SSL IP" (main ISP), but it dawned on me that should "SSL IP" be down for whatever reason, then this likely won't work. Any tips on where to look? 



This thread was automatically locked due to age.
Parents
  • if you mean "remote-access-SSL-VPN" (user-connect) ... open the .OVP file, find the line containing the IP, duplicate the line and use the second IP ... sorry, the manual way-but it works.

    Other options are DNS-Round-robin - works sometimes

    using a DNS-Provider with alive-check - only the reacheble IP is returned - mostly works


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • I don't mind manual edits of the config files, but... does Sophos UTM just listen on all IPs then? I mean, what is the "Interface address" for then, in the SSL settings tab?

  • you need interface-address-any - if you wish to connect to more than one interface.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Sounds like a plan. But won't this be a problem if I'm already using port 443 (currently used for SSL VPN) on some interface for regular HTTPS?

Reply Children