This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Loadbalancing devices behind a other firewall

Hey community,

im new to the Forum and hope someone can help me.

I am working as a IT Technical for Hotel bussines and run into a Problem..

One of our costumers have 3 Wan Connections with 20 up/down, since the Hotel is in a ski-Region we have no other Options to push the bandwidth.

Loadbalancing this 3 Connections for the Office Lan, or DMZ wich have the UTM as Gateway is no Problem and is working.

But for the Guest Lan i have no idea how to make it work, for the guest lan i am using a other Firewall (is connected directly with the Hotel Managment Software and give the Hotel additional Tools to manage the interection with Guests) which has the UTM as GTW. The Firewall is the Gateway for up to 300 Devices, right now there are 170 Online.

Now my question: is there a way to balance the devices behind the Firewall with the UTM?

greetings

Elmar



This thread was automatically locked due to age.
Parents
  • Hi, Elmar, and welcome to the UTM Community!

    I can't picture the toppology you describe, but I would use Uplink Balancing with a Multipath rule by connection for the guest network.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello,

    thx for your Reply.
    gonna try to explain it better,

    i have 3 uplinks A,B,C with 20/20 connected on the utm
    i have a officelan and dmz for the costumer
    i have a second Special Firewall in the dmz for the guest lan

    My question is, is it possible to Balance the traffic from the guest Network over the 3 uplinks.
    Currently they are routed through the same uplink and generating 20/20 traffic for it.
    Cause on the utm it just Show the Connection form the Firewall and the utm.
    While the Office Lan is splitted between the two other and are generating max 2/2.
  • I guess that the problem is that the firewall for the Guest LAN is masquerading. Since the default balancing is "by connection," all of the traffic from the Guest firewall uses only one uplink. The cleanest, easiest and most-secure solution would be to connect the Guest LAN directly to another interface on the UTM and get rid of that Special Firewall.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi,

    yes that would be the best solution, but we cant do this since the utm doesnt have the Interfaces to communicate with the Hotel managment Software.

    but somehow i managed to make it work by activate QoS, set the proper value for each uplink and make a multipath rule for the guest lan by Connection.

    yet the Problem is the same, before i got one uplink at ~10/1 now i have each uplink at 4/0,5.

    i assume there is still somewhere a Limit for the internal Networks or some other kind of Limits.
Reply
  • Hi,

    yes that would be the best solution, but we cant do this since the utm doesnt have the Interfaces to communicate with the Hotel managment Software.

    but somehow i managed to make it work by activate QoS, set the proper value for each uplink and make a multipath rule for the guest lan by Connection.

    yet the Problem is the same, before i got one uplink at ~10/1 now i have each uplink at 4/0,5.

    i assume there is still somewhere a Limit for the internal Networks or some other kind of Limits.
Children