This discussion has been locked.

Static route through another gateway

Apologies if this topic is covered here elsewhere.  A quick search did not find a solution.

We have the following equipment:

Endpoint

LAN:  10.0.0.40

GW:  10.0.0.1


Sophos UTM

LAN (eth0):  10.0.0.1 /24

WAN (eth1):  100.100.100.2

Private (eth2):  192.168.2.2

SDWAN Appliance

LAN:  (none)

WAN (eth1):  100.100.100.3

Private (eth2):  192.168.2.3

The SDWAN Appliance and the Sophos UTM are connected via a private network on a separate physical network from the LAN or WAN.  The SDWAN publishes routes via OSPF, and traffic to our other facilities routes through that equipment automagically.

There is the desire to begin using the SDWAN for some additional traffic shaping.  Rather than have one policy at our corporate headquarters where the Sophos UTM is and different policies for our SDWAN equipment at our child facilities, we'd like to begin pushing internet traffic for some of our headquarters equipment through the SDWAN.

So... we need to route traffic from the Endpoint through the Sophos, to the SDWAN Appliance...

I created a Static Route to tackle this:

  

With the route enabled, the Endpoint's traffic dies at the Sophos UTM.  It cannot even ping the Sophos UTM.

I have also tried a Policy Route with the same basic settings from above, with Service and Destination set to Any.  Traffic flows... but continues to use the Sophos UTM for outbound traffic.

Anyone able to point me in the correct direction?



  • To help visualize how traffic needs to flow...

    Endpoint (10.0.0.40) ----->  [Sophos LAN (10.0.0.1) -> Sophos Private (192.168.2.2)] -----> [SDWAN Private (192.168.2.3) -> SDWAN WAN (100.100.100.3)]

    Right now we appear stuck in the Sophos config.
