I can have on the same WAN interface, an IP 220.127.116.11/255.255.255.192, with gateway 18.104.22.168.And several IP Alias on the same interface, only on a different network, 22.214.171.124-126.96.36.199/255.255.255.240?
Alias would be for publishing services hosted on the internal network, such as web server, erp application, e-mail server, etc.Wait and thanks !
Alias IP must use the same subnet of the physical interface.
I don't know that is entirely true; encountered a customer years ago whose ISP was, in American terms, "lame." They added additional public IPs using ROTP (Routing Over The Top) …. granted, this was with Sophos SG UTM (may have even been Astaro UTM back then... but to my amazement adding each Alias IP with a /32 worked for publishing inbound services (of course it did not work for outbound, but that wasn't the point)… the ISP did some "Magic" that allowed this to work. I wasn't a fan of the configuration, but it did work. Things may be different on XG of course.
CTO, Convergent Information Security Solutions, LLC
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
The provider gave a solution.It will put a router on the edge, where it will be the gateway of Sophos, the WAN interface of the router will have IP 188.8.131.52/255.255.255.192, since its internal interface connected directly to XG, it will have IP 184.108.40.206, in XG it will be 220.127.116.11.So the XG interface and the Alias will be on the same network.That solves the problem, right?Detail: The IP addresses here are fictitious.
It will work but you will have another hop.
As I said on v18, you CAN HAVE IP Alias with different subnet mask. Check the screenshots.