This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Internet access when UTM is down

Hi,

We are using RED device at our remote location that connects to our UTM Firewall which is located outside of offices at Datacenter.

At the moment RED device is configured to: Standard/Unified mode, which means that all traffic happening at the remote location is going through RED tunnel to our Firewall including internet traffic. When our UTM is down we do not have Internet access at our remote location.

I read some documentation and could see that RED can be placed to mode Standard/Split this would mean that just LAN traffic from remote location would go through RED tunnel to our Firewall and Internet traffic would go directly from RED device to outside.

To avoid losing Internet connection at our remote location when our UTM Firewall is down is it enough and sufficient to just place it in Standard/Split mode, or even then when UTM is down internet will not work.

Idea and plan is to have internet access available even when UTM is down. Behind that RED device we have a router from ISP.

Thanks !

Kind regards,
Goran



This thread was automatically locked due to age.
Parents
  • RED's main purpose is to just provide a tunnel back from your remote location to your UTM location.  Even if your UTM drops using Stanard/Unified mode, your users will not get internet, as it's outlined in the RED guide.

    You might be better served using a UTM at your remote site and have it as an HA or something.

    Edit: and Vivek just copied and pasted it from the link I gave.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Reply
  • RED's main purpose is to just provide a tunnel back from your remote location to your UTM location.  Even if your UTM drops using Stanard/Unified mode, your users will not get internet, as it's outlined in the RED guide.

    You might be better served using a UTM at your remote site and have it as an HA or something.

    Edit: and Vivek just copied and pasted it from the link I gave.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Children
No Data