Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 26 subscribers
  • Views 537 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG publish application

Ardian Mehmeti

Hello dear community,

There is an application to be publicly accessible.
We have two different internet lines, one of them is Vodafone (static) and one Telekom (dynamic) and XG firewall is used. Two SD-WAN routes have been created. Currently, the Internet LAN is routed via Telekom (dynamic), but cannot be reached from outside the network. Is it possible to generate an exception by excluding a host from the telecom line and routing it over the Vodafone line.

What are the options for the corresponding configuration?

Thanks a lot



This thread was automatically locked due to age.
  • 0

    Hello Ardian,

    Thank you for contacting the Sophos Community.

    Would you be able to add a network diagram of what is your setup and what are you trying to achieve?

    From my understanding, you have two WANs and you want to provide access to an internal server, but I am not clear on the rest.

    Regards,

  • 0 in reply to emmosophos

    Hello emmosophos,

    sure, i've added a network diagram for you. As you can see the "Host x"(green line) i want to create an exception by excluding host x from the dynamic line and routing it over the static line just as you can see at "Host x" on the network diagram. Hope you will understand it better now. Thank you for your help! Regards,

  • 0 in reply to Ardian Mehmeti

    Hello Ardian,

    Thank you for the Diagram.

    And the issue is that you want Host X to be accessible from the internet, so you are expecting traffic to come from the Dynamic IP to the Host X and this traffic to go out the Static IP OR you want simply the Host X computer to use "Static IP" to go out the internet?

    I think both of them would be possible with SD-WAN rules, you would just need to create a very specific one for the Host X on TOP of your other two SD-WAN.

    Regards,