V18 NAT / SD-WAN *Issue Resurrected*

Good morning Sophos Staff,

This is still a valid issue. I understand you created the SD-WAN ruleset decoupled from the firewall/nat rules. However, your objective was too narrow.

Correct me if I am wrong.

This is my understanding.

In order to utilize a certain gateway I need to create an SD-WAN policy. It certainly did not work strictly with a NAT rule, linked or unlinked.

If I want one of my workstations to peer to the internet from a specific Gateway, I must create an SD-WAN policy, but the SD-WAN policy has no Zone assignment. So when I do this I must select ANY as my destination network. This breaks any other Firewall Rule LAN routing I require that does not have a gateway assignment.

If I cannot link a firewall or NAT rule directly to an SD-WAN rule, like the imported pre-upgrade rules, then can we get a zone assignment for SD-WAN?

If not, I am thinking I will have to set up each VLAN subnet as a gateway with a slew of more SD-WAN rules to direct specific non-WAN traffic; is that possible?

Or must I apply static routes for the non-WAN traffic?


