This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED con 2 UTMs y 2 Wanes en cada lado

Hola,

     Tengo 2 UTMs unidos por RED, en la actualidad, en la parte servidora tengo dos WANES y tengo duplicidad en la parte cliente, configurando la IP por donde tiene que ver al servidor. Hemos montado otra WAN en la parte cliente, para no depender de un operador, y las tengo configuradas como balanceadas, pero al intentar configurar la duplicidad por la segunda WAN no tengo opción de especificarlo, y lo hace sobre la primera, con lo que tengo dos veces el mismo tunel.



This thread was automatically locked due to age.
  • Hola Manuel,

    eso lo peudes solver por una regla en Interfaces and Routing -> Interfaces -> Multipath-Rules. Pero eso creo que no te va solucionar tu problema. El routing a la misma IP de la servidora no sera posible por DOS tuneles al mismo tiempo.

    Saludos desde Alemania.

    Viele Grüße / Best Regards,
    Manu

    - CISO -
    - Sophos SCA & Partner-

  • RED with 2 UTMs and 2 WANs on each side

    Hola Manuel - welcome to the UTM Community! ([Google]: bienvenido a la Comunidad UTM!)

    Instead of posting translations from Google Translate, I believe that people should feel free to post in their native language if not comfortable with their English.  Then so that everyone else doesn't have to use Google Translate if they don't speak your native tongue, do provide the translation from Google.  Below is the exchange that you and Manu just had. ([Google]: En lugar de publicar traducciones de Google Translate, creo que la gente debería sentirse libre de publicar en su idioma nativo si no se siente cómoda con su inglés. A continuación, para que todos los demás no tengan que usar Google Translate si no hablan su lengua materna, sí proporcionan la traducción de Google. Debajo está el intercambio que tú y Manu apenas tenían.)

    Cheers - Bob

    Manuel [Google]: I have 2 UTMs joined by RED, currently, in the server side I have two WANS and I have duplication in the client side, configuring the IP where it has to see the server. We have mounted another WAN in the client side, not to depend on an operator, and I have them configured as balanced, but when trying to configure duplicity for the second WAN I have no option to specify it, and it does on the first, with what I have Twice the same tunnel.

    Manu[Google]: That you can solver by a rule in Interfaces and Routing -> Interfaces -> Multipath-Rules. But I do not think you're going to solve your problem. Routing to the same server IP will not be possible by TWO tunnels at the same time.  Greetings from Germany.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • You can have two RED tunnels between the two sites, but you may need to configure them in a different way.  You then can use Uplink Balancing to balance the traffic over the two WAN connections.

    Please insert pictures of your Interface definitions on both UTMs.  Also, any Static Routes or other rules for the RED tunnel.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I have no problem writing in English, but Spanish is a language spoken by 518 million people as a native language vs. English 339 million.

    I have configured 2 wans, ONO and TELEFONICA   and Uplink balancing   and virtual interfaces to my central office Tunel 1 and Tunel 2 using interface TELEFONICA.  It's possible configure other two virtual interfaces using ONO interface ?, if I try to configure the tunnels over interface ONO I can't specify the interface from wich it come out and my UTM in central office detects de public IP of interface TELEFONICA.

     

    Regards

     

     

  • Thanks, Manuel, for switching into English.  I support having folks post in their native language and then providing a translation into English because this is a global community.  Certainly, Spanish is spoken natively by many more people than is English.

    Unfortunately, Michael Klehr's blog that I'd hoped to link to here is not online at the moment.  Here's a link to a similar approach with IPsec tunnels that he let me copy to the UTM Wiki here.  Although it's in German, the pictures are self-explanatory, so I haven't yet created an English version.

    In this case, I don't think you need the complex approach Michael describes.  I think you can simply use Policy Routes to select which traffic goes through which tunnel.  On the other end, you will want to masquerade the traffic coming from your end so that return traffic comes back via the correct tunnel.

    Cheers - Bob

    PS Many years ago, I was in Moscow doing a mini-course for top scientists from the USSR Ministry of Chemistry to whom the French company I worked for had sold a new computer programmed in APL.  Our hosts had taken us to dinner the evening before and had had us drink vodka like wine.  I was moving slowly that morning and accidentally started out with a greeting in English.  The translator said, in French, "I was asked to translate from French, not English."  I apologized to him and continued in French so he could translate into Russian.  Later at lunch, two of the scientists said, in English, that they wished I'd continued in English because all of them would have understood without translation.  Today, I expect that there are twice as many non-native English speakers as there are native speakers.  It has become today's lingua franca in business.  In France, the top business schools now teach all courses in English, and the French are just as proud of their language as is my niece's husband in Spain. [;)]

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA