NAT to additional IP when multipath rules are activated

Hi,

I have an Sophos UTM SG650

We have two internet uplinks, and with the use of Multipath Rules I determine which IP's need to go over the secondary internet line. This works fine.

Now when I try to send the traffic over an additional IP address of that secondary line, it won't take it. It keeps on using the IP of the interface. I have tried DNAT and Masquerading, but it won't make a difference.

Is there something I'm missing?

 

Thanks in advance! :)

Parents
  • Hoi Max and welcome to the UTM Community!

    I assume "DNAT" is a typo and that it was "SNAT" that you meant, or ???

    What traffic from where are you trying to send with an Additional Address?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob!

    Thanks for the reply. :) I have tried both SNAT and DNAT actually.

    Out clients are working in a virtual environment, and have proxies set up in their Citrix Workspaces. Via that proxy the traffic enters the UTM. So as a source I have marked the source IP pool of those Workspaces, and the destination I changed via Multipath Rule to the other gateway, and via SNAT I want to send the traffic to the Additional Address.

Reply
  • Hi Bob!

    Thanks for the reply. :) I have tried both SNAT and DNAT actually.

    Out clients are working in a virtual environment, and have proxies set up in their Citrix Workspaces. Via that proxy the traffic enters the UTM. So as a source I have marked the source IP pool of those Workspaces, and the destination I changed via Multipath Rule to the other gateway, and via SNAT I want to send the traffic to the Additional Address.

Children
  • Are the ports in use only 443 and 80, Max?  Does the UTM have the Transparent web proxy enabled?  Please show pictures of the Edits of the Multipath rule and the NAT rules.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thanks for the support so far. The issue is not relevant anymore, we wanted to forward the traffic via this way when the license would axpire and the UTM would fall back into it's Base Functionalities.

    Turns out that the UTM won't forward any traffic at all with this Base license, so we have to figure out another way unfortunately.