This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Wan 2 Wan routing issue

BonifaceM over 4 years ago

My setup is as below

I am using 2 XG firewalls with the following configuration:

Headquarters

WAN on Port 1 = Internet Connection A
WAN on Port 2 = MPLS Connection
Lan on port 3 - LAN on HQ Side (192.168.2.1/24)

Branch

WAN on Port 1 = MPLS Connection
Lan on port 2 - LAN on branch Side (192.168.10.1/24)

The MPLS connection has routing done between the two by the ISP. I need branch to browse through the HQ branch. I have set the HQ firewall to accept traffic from the WAN (Branch) to the WAN (Internet). However the traffic seems not to be going to the internet once it reaches the HQ router. I do not know what I am missing. I have even tried adding SD WAN Policy routing where I have specified that traffic from the branch should be exited through the internet WAN.

Both LANs are able to see each other with no problems.

Kindly point me out where am going wrong.

Boniface

This thread was automatically locked due to age.

Top Replies

emmosophos over 4 years ago +1

Hello Boniface, Thank you for contacting the Sophos Community! Are you able to see the Internet traffic arriving at the HQ Firewall and leaving the WAN interface? Can you do a tcpdump accessing a website…

0 emmosophos over 4 years ago

Hello Boniface,

Thank you for contacting the Sophos Community!

Are you able to see the Internet traffic arriving at the HQ Firewall and leaving the WAN interface? Can you do a tcpdump accessing a website from the branch, to see if you see the traffic arriving at the HQ, leaving the WAN interface and coming back?

Do you have a NAT rule to NAT this traffic as it goes our the WAN interface?

What is the current route precedence in the HQ XG? console> system route_precedence show.

Regards,
Cancel
Vote Up +1 Vote Down

Cancel