Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 2 subscribers
  • Views 3861 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Per outgoing interface firewall rules

BenoitLambert

We have a Sophos UTM SG 125. We have two WAN links, our main one through our ISP and a 4G modem link setup in an active / standby configuration. (Uplink Balancing and Uplink Monitoring)

When our main ISP connection fails, it fails over to the 4G cell connection and it works great.

Once failed over, we want to limit traffic to only HTTP / HTTPS on the 4G connection, hence my question; is there a way to do "per outgoing interface" firewall rules?

Any firewall configuration needs a source network, but in my case the source network is always the same.

Is this possible?



This thread was automatically locked due to age.
  • 0

    Hi, Benoit, and welcome to the UTM Community!

    On the 'Uplink Balancing' tab, put the Interface for the ISP connection in 'Active Interfaces' and the one for 4G into 'Standby Interfaces'.  For faster failover, you can put both in Active and use the wrench icon to set weight for the 4G connection to "0" (zero).

    Next, create two Multipath rules, in order:

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML