Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 4 subscribers
  • Views 14479 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Correct way for Uplink Balancing/Failover

DaveR

I'm new to the Sophos UTM platform coming from ISA server.   I've found the device very nice, well designed and easy to manage.

Currently, it is hooked up to one WAN connection (50 MB Fiber).   I'm looking to add a second connection (Cable).   My requirements are very simple.  I would like to have all outbound traffic travel over the Cable and failover to the Fiber if necessary.    All web publishing and other firewall rules come in over the Fiber.   I have read some of the articles on Uplink Balancing configuration.

I just want to ensure when I enable that balancing, that it will not have any negative effect on my web and firewall publishing rules.

Thanks in advance



This thread was automatically locked due to age.
  • 0
    Hi, Dave, and welcome to the UTM Community!

    Put both WAN connections into 'Active Interfaces' and make a Multipath rule binding 'Any -> Any -> Any' to the cable interface.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Bob,

    Thanks for the info. Also just wanted to confirm that this won't have any effect or confuse my web server rules or any of my NAT publishing rules. The Uplink balancing only affects outbound connections correct?

    Thanks again for all the help
  • 0 in reply to DaveR
    Just outbound requests from your UTM. Any response traffic requested over the internet via the fiber connection will be sent back out that connection by the connection tracker.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Bob,

    Odd condition before I even get to the point mentioned above---when I simple try to add the additional interface for the cable to the interface list, as soon as it is enabled, all of my NAT and web rules stop working. As soon as I disable this new interface, they start working again. Any thoughts on this?

    Again, thanks for all of your help
  • 0 in reply to DaveR
    Dave, one of our unwritten rules here is "one topic per thread" - that makes it easier for folks to find answers more quickly in the future. Please delete your last post here and use it to start a new thread in the Network Protection forum.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    What??? that was EXACTLY his main concern and part of the thread. Will this have an impact on his rules for the web appliance.. .... IT did have an impact. 

  • 0 in reply to RandallMueller

    Hi Randal,

    If you read the question correctly Bob's suggestion to the answer was to the point. Dave needs to start a separate thread to troubleshoot the issue which is caused due to activation of an additional address on interface. 

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Unfiltered HTML