Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 4 subscribers
  • Views 8071 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using 2 ISPs in Active

John Christian

Hello. I am currently running with one ISP. However I just obtained a second ISP for failover purposes but if I were to leave the 2nd one active with Uplink Balancing on...Will that use both connections depending on need? So if my primary connection becomes maxed out.....the secondary would kick in?

 

Thank you for your time.



This thread was automatically locked due to age.
  • 0

    Hi, John, and welcome to the UTM Community!

    There's no option to have the second WAN connection carry traffic when the first maxes out.  I wouldn't run all traffic through the first unless the second requires payment for volume of traffic.  If that's not the case, we probably can suggest some Multipath and QoS rules that would optimize your users' experience.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thank you for your response! The payment idea is not the case. I have multiple VLAN's going so is it possible for all of them to use both ISP's at the same time? Effectively doubling our ISP capability (even though it's 2 ISPs).......would it work that way?

    Or is it better to route traffic from one VLAN to use a specific ISP and the others use another?

  • 0 in reply to John Christian

    You might want to route specific traffic through a specific WAN connection.  If you have a hot DR site, you might want to be sure that it has all of the bandwidth it needs (using QoS) via the faster connection (using a Multipath rule), only falling back to the slower connection if the fast one is down.  Look at the sample Multipath rules to see where/how you might want to split usage between the WAN connections.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to John Christian

    You are fighting some fundamentsl issues here.   The rrmote site needs to see one client ip + port for the entire connection.  Even udp traffic often generates repkues to the sender ip and port.   You have to create static rules, as Bob indicated.

    There is also an optional feature to link an interface to a web filtering profile, detailed in other posts.   This provides anither way to partition traffic.

Unfiltered HTML