
IPsec route over gateway route

Hi all, 

I want to know how the Sophos UTM prioritizes network routes.

Take the snapshot below as an example. This routing table is taken from the Sophos UTM at Support > advanced > Routing Table

default via <ISP gateway> dev eth1  table 200  proto kernel onlink 
local default dev lo  table 252  scope host 
default via <ISP gateway> dev eth1  table default  proto kernel  metric 20 onlink 
10.10.0.0/16 dev eth1  proto ipsec  scope link  src 10.20.0.2 
10.10.0.0/16 via 10.20.0.1 dev eth0  proto static  metric 5 

The reason there are 2 routes for 10.10.0.0/16 is that I have a site-to-site VPN configured from the subnet local to UTMA (10.20.0.0/16) to the remote subnet behind UTMB (10.10.0.0/16). This site-to-site VPN is a backup connection.

I configured the static route (gateway route type) because I want the UTM to route traffic like email notifications and Syslog via this static route to our email relay server and Syslog server while the main connection is UP, and if the main connection goes down, it can still send the traffic via the site-to-site VPN. *Please note that the main connection is not connected via the UTM.

It seems like the route created by the site-to-site VPN is taking priority over the static route.

Is there a way for the static route to override the IPsec route? Am I making a mistake in the configuration to achieve what I want to do?

Any help would be much appreciated. 

Thanks,

MT
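Added example, not part of the original post or of Sophos code: a small parser that ranks the routes from the table above for one destination. It assumes the table follows standard Linux `ip route` semantics (within one table: longest prefix first, then lowest metric, with a missing metric counting as 0); `10.10.5.25` is a constructed address standing in for the Syslog server. Policy rules that choose between tables and the IPsec policies themselves are not shown in the post and are not modeled.

```python
import ipaddress

# Routing table lines copied from the post; "<ISP gateway>" is the poster's redaction.
ROUTES = """\
default via <ISP gateway> dev eth1  table 200  proto kernel onlink
local default dev lo  table 252  scope host
default via <ISP gateway> dev eth1  table default  proto kernel  metric 20 onlink
10.10.0.0/16 dev eth1  proto ipsec  scope link  src 10.20.0.2
10.10.0.0/16 via 10.20.0.1 dev eth0  proto static  metric 5
"""

# Keywords that are followed by one value; bare flags such as "onlink" are skipped.
KEYS = {"via", "dev", "table", "proto", "metric", "scope", "src"}


def parse_route(line):
    """Turn one `ip route`-style line into a dict."""
    tokens = line.split()
    if tokens[0] in ("local", "unicast", "broadcast"):  # optional route type
        tokens = tokens[1:]
    prefix = "0.0.0.0/0" if tokens[0] == "default" else tokens[0]
    # Assumption: no "table" keyword means the main table, no "metric" means 0.
    route = {"prefix": ipaddress.ip_network(prefix), "table": "main",
             "metric": 0, "proto": None, "raw": line.strip()}
    it = iter(tokens[1:])
    for tok in it:
        if tok in KEYS:
            route[tok] = next(it)
    route["metric"] = int(route["metric"])
    return route


def lookup(routes, dest, table="main"):
    """Routes in one table that cover dest, best candidate first."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if r["table"] == table and addr in r["prefix"]]
    # Longest prefix wins; ties are broken by the lowest metric.
    return sorted(hits, key=lambda r: (-r["prefix"].prefixlen, r["metric"]))


routes = [parse_route(l) for l in ROUTES.splitlines() if l.strip()]

if __name__ == "__main__":
    for rank, r in enumerate(lookup(routes, "10.10.5.25"), 1):
        print(rank, r["proto"], r["dev"], "metric", r["metric"])
```

Under those assumptions the `proto ipsec` route ranks first because it carries no metric, while the static gateway route has metric 5, which matches the behaviour described in the post.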


