Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 508 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sd wan routing

Sherief Refaat

Dears,

I have sophos xg210 v.18.0.5

i have 2 physical 2 ports physical lan (192.168.20.0/22) and (192.168.11.0/24) and i have 2 ports physical wan, the two lans can access internet and the 2 lans can access resources in each lan and the ping is working.

i want to make sdwan to fore lan1 go through wan1

and lan2 go through wan2 , the two lans can access internet and each lan go through the specific wan. but the two lans cann't ping or see each others.

can you tell me how can i make a static route or how can i solve this problem. 



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    You need to set up an SD-WAN policy to route required IP/Network traffic from a specific gateway.

    Here is a sample snapshot for your reference.

    Click here to know more information on "SD-WAN Policy Based Routing".

    Sherief Refaat said:
    2 physical 2 ports physical lan (192.168.20.0/22) and (192.168.11.0/24)

    Assuming both interfaces are in the LAN zone.

    Sherief Refaat said:
    the two lans cann't ping or see each others.

    To stop the communication between said networks, you need to create a firewall rule with source & destination zone as LAN with drop action.

  • 0 in reply to FormerMember

    Dear, 

    Thanks for your answer, but this is not my problem.

    My problem is when making sdwan and route every lan to access internet from specific wan they can access internt "but i cannot access the internal network" the two lans cannot access each other.

    When i trace the trafic from one lan to the other lan i found that the traffic pass from the wan not from the lan. So i need to make a route or a gateway and set a pass if want to access the internal lan but i don't now how to do this step

Reply
  • 0 in reply to FormerMember

    Dear, 

    Thanks for your answer, but this is not my problem.

    My problem is when making sdwan and route every lan to access internet from specific wan they can access internt "but i cannot access the internal network" the two lans cannot access each other.

    When i trace the trafic from one lan to the other lan i found that the traffic pass from the wan not from the lan. So i need to make a route or a gateway and set a pass if want to access the internal lan but i don't now how to do this step

Children
  • FormerMember
    0 FormerMember in reply to Sherief Refaat

    You might need to change the route precedence of the SD-WAN policy route

    Login to SSH > 4. Device Console

    console> system route_precedence set static sdwan_policyroute vpn

    To check route_precedence:

    console> system route_precedence show