I currently run XG Firewall as a VM on my unraid server and have an 80mb dsl line (fastest available here) I have done some tests with a 4G Sim card and can get 200mb so with unlimited data deals being very cheap now would I be able to add this into my XG Firewall installation and "bridge" it with my existing dsl line?
Any advice greatly appreciated!
Would recommend to put in the 4G connection the backup connection to DSL.
In case 4G is down, you will automatically failover to DSL and there should no interruption.
I have found I can get a good deal on a contract with a Huwaeii B353 router, would I be able to connect that into Sophos in addition to my dsl line?
I have followed this guide
so I now have 2 WAN connections
but my speed is unchanged?
There is nothing else in the guide to do? have I missed something else?
Hi, I really appreciate your time and have spent countless hours trying to make this work.
The best solution for me would be to specify by IP address what devices I would like to use the 4G Connection (Port 4)
So basically I would like everything to use Port2 (My DSL Line) except IP addresses I specify to use Port4 (My 4G Router)
I have tried every combination I can find and watched the SD-WAN video several times but everything I try seems to be ignored by the SD-WAN policy routing. Is there more I must do like firewall rules?
I have tried to add another port into XG to create another network to find a way to resolve this as well but then XG refuses to boot on my VM (A known issue/feature I know)
so is what I am asking possible?
for example I would like IP address 192.168.0.60 to ONLY use the Port 4 connection which is a different IP Address (192.168.8.5) and Gateway (192.168.8.1)
If this is possible I would really appreciate an example please? I just cannot get this to work.
It should be possible.
Essentially you need a Firewall rule: LAN to WAN. Allow. No attachment to a Port needed. SNAT should be the default SNAT Rule.
Can you link your current SD-WAN PBR Rule?
You should have two.
One on top: Your IPs, ANY ANY - Using Port4.
Second on bot: ANY - ANY - ANY using Port2.
PBR will use first match, so the first rule will be used for your Source IPs, everything else will drop to default.
I have disabled port 4 at the moment as when enabled it prevents my letsencrypt connections (I will deal with that after I get this woriking)
Change the Destination network to ANY in both Rules. That should work.
ok! do I need to reboot? i7hex is still using the dsl connection
ok! I just disabled and re-enabled my i7hex machine and it is now on the 4G network! Thank you!! I just need to test all the other connections now :-)
Do you know why I can no longer connect to my DDNS sites after this change?
First verify, there is no static route.
If there is not, all current session will use the old session. But new sessions should use the configured route.
Maybe your DDNS sites have a problem with your 4G connection. Sometimes there are MTU Problems or other issues with the ISP, which prevent access via a certain dial line.
If you know the sites, you could create another rule on top of your 4G rule: ANY Destination: Those sites and route them via the DSL.
aha! They just took some time to start working again!
Thank you so much!
You have been so helpful! thank you so much!