I am new to Sophos and do not know how the firewall (FW) and load balancer (LB) features work. Here are the details and the issue I am having.
FW Version
8.960-9
Interfaces
DMZ 192.168.3.253 - eth1 - external
DMZ2 192.168.3.250 - eth1 - external - Additional interface
DMZ3 192.168.3.249 - eth1 - external - Additional interface
Internal 192.168.4.254 - eth0 - internal
Real Servers
svr61 192.168.5.61
svr62 192.168.5.62 - offline
svr63 192.168.5.63 - offline
FW Rules
Rule 2: Any IPv4 -----HTTPS -----> DMZ, DMZ2, DMZ3
Rule 3: Any IPv4 ---HTTP/HTTPS --> DMZ3
Rule 19: srv61,svr62 -------Any---------> Any IPv4
SNAT
Rule 5: Any -----HTTP -----> srv61
Rule 6: Any -----HTTPS -----> srv61
Rule 7 (disabled): Any -----HTTP -----> srv63
Rule 8 (disabled): Any -----HTTPS -----> srv63
It appears that traffic is not being forwarded to the real server or back through the external interface; I can't determine which. At one point the traffic was hitting the SNAT for srv62, which is offline. I disabled that SNAT but traffic continued to disappear. I created real server srv63, added it to the LB rule and removed srv62 from the rule. At this point all traffic was forwarded to srv61 as expected. The FW has since stopped accepting HTTP and HTTPS requests from some external sources but not all. I am not sure if this is enough information; I was hoping someone had seen something similar and could provide some insight.
Please let me know if you need more information.
Thanks in advance for the help.