
Problem with RED 50 connection to a UTM interface which does not have the default route configured

We have a Sophos SG210 UTM. Until now we have connected all our Sophos RED 50 devices to the first interface on the UTM, where the default outbound gateway is configured. With this setup the tunnels between the REDs and the UTM are working as expected.

A few days ago we got a DDoS attack on the UTM. It was an incoming attack on the first interface, which has the default outbound gateway configured. Because the attack used the whole 1 Gbit/s incoming of the first interface, our RED tunnels went down.

So I thought to connect the Sophos RED devices to a second interface on the UTM. Now I have one problem. If I change the UTM hostname in the RED config on the UTM (I use IP addresses instead of hostnames) to the IP address of the second interface, the RED tunnel goes up and down and up and down and so on. If I configure a static outgoing route on the UTM which forces the traffic from the UTM back to the RED device over the second interface, the tunnel comes up and works.

So my question: is it not possible to have the traffic between a RED device and the UTM come in on the second interface and go out on the first interface with the default route? My problem is that the locations where the RED devices are don't have a static IP. So configuring a static outgoing route on the UTM is not an option for us.



  • Hallo Marcus - your first post - welcome to the UTM Community!

    I would give the second connection a default gateway which will activate Uplink Balancing.  Leave both interfaces in 'Active' and use Multipath rules to determine which connection is used for outbound requests from your LAN - probably a single rule like 'bind Any -> Any -> Any to the first interface'.  In this way, the RED tunnels can establish because it's the RED that "calls" the UTM, not the other way around.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA