Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 5572 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UPlink Balancing, Multipath Rules, Firewall

Uwe Bohnhoff

Hello,

we have two WAN-Interfaces, Uplink Balancing enabled (towh Active Interface) and Multipath Rules defined. (in SG 125)

All work fine till today.

Today one WAN-Interface (the first in Uplink Balancing) have no Connection to the Internet (the Provider have some Problems).

Also the traffic, defined in Multipath Rules only to the second WAN-Interface doesn't work.

Then we changed the order in Uplink Balancing, now the traffic work, but also some of the traffic only defined for the first "defect-Interface" work also.

What we have to Change, or to look for?

Thank you

best regards

Uwe



This thread was automatically locked due to age.
Parents
  • 0

    In the multipath rules, did you enable the option: "Skip rule on interface error" under Advanced?

    In Uplink balancing from both active interfaces, how's the weight configured for both interfaces?

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels

    Hello,

    Yes, in the multipath rules, we have enabled "Skip rule on Interface error".

    Both Interfaces have the same weight of 100. Persistence Timeout 1 hour.

    best regards

    Uwe

  • 0 in reply to Uwe Bohnhoff

    Sounds a little strange that you had to switch the order of the interfaces in order to make it work again. Maybe the interface wasn't really in error or the system couldn't determine it didn't work (how's the monitoring configured? Automatic or did you configure some other server to monitor uplink?).

    The reason that after changing order traffic did flow over the 2nd WAN could be because of the checkmark on "skip rule on interface error", however for this to work the system would actually need to find out that the interface is in error, but in that case the rule is skipped and the traffic is sent out over another working interface.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to Uwe Bohnhoff

    Hallo Uwe,

    If you still need help with this, please show pictures of the Edits of the Interfaces and Multipath Rules.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob,

    we have changed the order of the Interfaces and disabled "skip rule on Interface error". Now it seems to work.

    Thank you for reply.

     

    Best regards

    uwe

Reply Children
No Data
Unfiltered HTML