Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 29 subscribers
  • Views 991 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Route problem on XGS116 firewall

David Chour

Hello,

I'm stuck on a LAN routing problem.

We changed our UTM firewall to XGS116, I recreated the rules and configuration on the new firewall, but I have a problem with the incoming traffic to the internal network.

We have several offices that are interconnected by MPLS.

From the other offices I can no longer reach the head office network, but I can reach the subnet

Here is a diagram and the static routes.

Can you please help me ^^



This thread was automatically locked due to age.
Parents
  • +1

    Hi David Chour

    Seems Asymmetric Routing, can you try the below steps :

    console>show advanced-firewall


    console>set advanced-firewall bypass-stateful-firewall-config add source_network [source network IP] source_netmask [source subnet mask] dest_network [destination network IP] dest_netmask [destination subnet mask]

    Thanks and Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    Hello Bharat,

    I would prefer to "optimize" David's network design instead of configuring a workaround on the XGS.

    And I don't like the often heard argument "it worked before with the SG ..."

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to jprusch

    +1. The diagram shows an odd physical configuration that you can work around with the CLI but if there isn't a specific reason (or an error in the diagram) for this, they will eventually have other problems or inefficiencies.

Reply Children
No Data
Unfiltered HTML