We have the following configuration:
Internet >> FW1 (192.168.3.x) >> FW2 (192.168.33.x) >> Webserver (192.168.33.50)
On FW1 I set up a DNAT rule to the webserver (192.168.33.50).
On FW2 the default gateway is NOT FW1. The default gateway is FW3, connected to a secondary interface on FW2. Currently only traffic to 192.168.3.x is routed to the network between FW1 and FW2.
Now users should be able to access the webserver via FW1 (and only from FW1). It seems that incoming traffic can reach the webserver but there is no outgoing traffic. (I think because the default route forwards all traffic to FW3.)
I thought policy routes were the way to go but it doesn't work.
How can I set up FW2 so that outgoing traffic from the webserver (only port 443) is routed to FW1 instead of FW3?
Hello Christian Schulz1,
Thank you for reaching out to the community. Please refer to the following links below:
1.) best practice for uplink balancing and multipath rules
2.) Uplink Balancing and Multipath rules
Thanks & Regards,
Vivek Jagad | Team Lead, Global Support & Services
It is working now. I forgot to enable the default gateway on the second interface.