Changing public IPs

Question

I've got a Sophos XGS116 at a colocation site where we host a bunch of servers for our clients. Currently on SFOS 18.5.2 MR-2-Build380 although I can update it before this changeover if needed for functionality for my request below. Otherwise, I was going to update it as part of the migration. 
 This one firewall has no VPNs or anything else. 
 Internal servers are on 8 or so different public IP's for different things, using 50 or so various firewall rules, about 40 NAT rules, 44 IP hosts, and about 70 custom services. 
 Our host at the colocation site is setting up a better, faster, newer, more redundant network and it's going to require me to change public IP's. 
 Is there any easy way for me to replicate what EXISTS currently using Port 2, our WAN port, for all these rules and old public IP's and copy it to another port where I could then go edit the public IP information and rules accordingly? I'd rather not have to manually recreate all of this to be active on a new WAN port for the new IP's. 
 Ideally, I'd like to have it connected to both networks so I can test things out before I migrate DNS and clients to use the new IP's and verify functionality. Which is why I am not simply editing the IPs for the current setup and making the change in a single shot. 
 Searches through this forum so far haven't turned up anything similar to this that I've managed to find yet. 
 Thanks for any help

rfcat_vk · Answer

Hi, 
 the issue really comes down to how you have identified your WAN interface and external network in your rules. If you have used WAN and ANY then changing IPs will not be an issue. If you have setup a DNS using the existing service IP then you will need to manage those changes. Testing will then be a challenge to ensure traffic goes out the new port when testing. If you are testing outside of hours after you have setup your new interface then you can disable the old interface. 
 Ian

Changing public IPs

Top Replies