Masquerading of host not working as expected

Hello.  Masquerading of a host to an additional IP address does not seem to be working and could use some help sorting it out. 

This is a Sophos UTM 9.711-5.  I have an additional public IP on our primary WAN eth1.  I have several DNAT rules that successfully forward traffic from the additional public IP to an internal host so that part works.

I would like all outbound traffic from the internal host to have a source address of the additional public IP.

I created a masquerading rule and said all traffic from the internal host should go out over the Primary WAN interface/additional IP and put that in position 1.

And yet, currently all outbound traffic from the internal host still says it is originating from the primary WAN address instead of the additional public IP.

Assuming no data entry errors, do I have the general configuration correct or am I missing additional steps?  Other ideas to troubleshoot?  Thanks.

Parents Reply Children
No Data