I have the suspect that WAF NLB is not available anymore on v18. Can someone from Sophos confirm if it is a bug?
UTM Certified Architect - XG Certified Architect
A real server in V17.5 was also limited to FQDN or IP Host.
Load Balancing in WAF is archived by selecting multiple Real server in WAF firewall rule.
(Same like UTM). Online Help UTM:
Host: Add or select a host, which can either be of the type Host or DNS Host. We highly recommend to use the DNS hostname here because otherwise the host header contains the IP address of the Host which may lead to problems with some browsers. How to add a definition is explained on the Definitions & Users > Network Definitions > Network Definitions page.
Real Webservers: Create a new real webserver or select the checkbox in front of the webserver you want to apply the firewall profile to. If you have mirroring webservers you can also select more than one webserver. By default, traffic will be load-balanced between the selected webservers. The implemented request counting algorithm automatically assigns each new request to the webserver with the lowest number of active requests at present. On the Site Path Routing tab you can specify detailed balancing rules.
I am talking about v18 and not v 17.x. This KB https://community.sophos.com/kb/en-us/132277 does not fit anymore on v18 and to be honest I am confused on how to achieve the WAF NLB.
You are mixing WAF with NAT.
Both options are still present in V18.
Your KBA is NAT Load Balancing. This option is still there in NATv18.
Check the NAT Policies and "Advanced Settings" (bottom). If you select a Network Range, like in the KBA, you can Load Balance.
If you talking about WAF, you have to create a WAF Rule with two Real Server.
Then you select per Site path the Real server and XG will Load Balance between those Servers.