Sophos Firewall

Discussions 2 different Port Forwarding on 2 WAN Links individually

Sophos Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 3 replies
Subscribers 27 subscribers
Views 2226 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

2 different Port Forwarding on 2 WAN Links individually

Sachin Sathe over 6 years ago

Hi,

I am sachin sathe from Pune.

I am new to this forum.

I recently purchased a XG 210 Appliance, following is my setup

WAN LINK 1 - PPPOE - but gives me a static IP - 117.XX.XX.XX

WAN LINK 2 - PPPOE - But given me static IP - 59.XX.XX.XX

LAN- 192.168.26.X

I have 2 different applications hosted on 2 internal Servers.

I want to use 2 separate wan links for each of the application.

That is -- For PORT 9000 and 443 i want to use WAN1 and forward the traffic to Internal LAN IP

and for PORT 50544 and 9999 want to use WAN2 and forward the traffic to Internal IP

also want to configure web browsing of few machines on the lan to use a WAN link 2.

i am confused between Policy based routing and Port forwarding and Firewall Policy Rules

please guide me.

thanks

sachin

This thread was automatically locked due to age.

Parents

0 rfcat_vk over 6 years ago

Hi,

the easy bit first.

you create a firewall rule source LAN -> any (you can create you own network if you wish) -> destination WAN -> any -> allow (port) -> log -> MASQ - > WAN2. When you are comfortable that is working you can refine the port selection, enable the web proxy by turning on http scanning, add web and application policies and tune the IPS.

Firewall policies are used to setup which applications and web categories you allow and are applied in firewall rules.

At this stag you do not need routing policies.

For your incoming server access you create a business rule for each server.

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 rfcat_vk over 6 years ago

Hi,

the easy bit first.

you create a firewall rule source LAN -> any (you can create you own network if you wish) -> destination WAN -> any -> allow (port) -> log -> MASQ - > WAN2. When you are comfortable that is working you can refine the port selection, enable the web proxy by turning on http scanning, add web and application policies and tune the IPS.

Firewall policies are used to setup which applications and web categories you allow and are applied in firewall rules.

At this stag you do not need routing policies.

For your incoming server access you create a business rule for each server.

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Sachin Sathe over 6 years ago in reply to rfcat_vk

Hi i just checked with a firewall rule and a Business rules on the firewall.

my WAN1 and the applications associated with the it runs fine, but my WAN2 associated business rule doesnt work.

now guide me whether any Policy Based Routing is required,

please help.

thanks.

sachin
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 6 years ago in reply to Sachin Sathe

Hi Sachin,

you do not need policy based routing. A business rule should cover your requirements.

Please post a full screenshot of your business rule so we can review it.

Thank you

Ian
Cancel
Vote Up 0 Vote Down

Cancel