Sophos Firewall

Discussions Use Sophos XG v18 as load-balancer for kubernetes and NTP

Sophos Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 3 replies
Subscribers 27 subscribers
Views 521 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Use Sophos XG v18 as load-balancer for kubernetes and NTP

Chaker Ham over 2 years ago

I have a XG Sophos firewall

I have a Kubernetes cluster with 3 master nodes.

I have tow NTP local servers

All server are configured in my internal network.

I want to use sophos as a load-balancer, I create tow NAT Rules: one for the Kubernetes and one for the NTP but it doesn't work.

This thread was automatically locked due to age.

Parents

0 Bharat J over 2 years ago
Hi Chaker Ham

Thank you for reaching out to the community, please check by

In Original destination: Choose WAN port as per the snapshot (type #port B for example ) as given below

Also, make sure DNAT rule has matching criteria as below :

In Rule position: Choose Top

In Original source: Choose Any

In Original destination: Choose WAN port

In Original service: Choose Service

In Translated source (SNAT): Choose Original

In Translated destination (DNAT): Choose webservers which was created before

In Translated service (PAT): Choose Original

In Inbound interface: Choose WAN port

In Outbound interface: Choose Any

Please check packet flow under MONITOR & ANALYZE || Diagnostics || Packet Capture share the output

Thanks and Regards
"Sophos Partner: Infrassist Technologies Pvt Ltd".

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Chaker Ham over 2 years ago in reply to Bharat J

Thank you for you replay,

I still confused, Because all my servers are provided for internal use why did I need to to specify the wan port?

And where did I need to specify the cluster IP?

Best Regards,

Chaker
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Chaker Ham over 2 years ago in reply to Bharat J

Thank you for you replay,

I still confused, Because all my servers are provided for internal use why did I need to to specify the wan port?

And where did I need to specify the cluster IP?

Best Regards,

Chaker
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Bharat J over 2 years ago in reply to Chaker Ham

Hi Chaker Ham

If you want to load balance the internal server for internal use you can specify with Alias IP on LAN and use under Original destination, please check the traffic flow with help of packet flow under MONITOR & ANALYZE || Diagnostics || Packet Capture share the output

Thanks and Regards

"Sophos Partner: Infrassist Technologies Pvt Ltd".

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel

Share Feedback

×

Submitted a Tech Support Case lately from the Support Portal?