Hi,
I work for an MSP and we host client backup data in our data center. I am evaluating switching our Draytek 3900 firewall for a Sophos XGS device. Before we commit to a purchase I am using an XG230 as a test platform to see if it will do what we need it to do and if we're happy we will purchase an XGS.
Our situation is as follows:
We use Altaro VM backup across our customer base and off site traffic goes over the WAN to our data center. Altaro uses TCP ports 35116, 35117 and 35120. We have four diffrent offsite servers to spread the traffic across. All of them on internal IP's. We use a URL at the client's end for the backup location. On the Draytek 3900 this has been working flawlessly as I have been able to specify my destination port/IP on the NAT rule based on the source IP the traffic originates from. So for exampe Customer A will hiit Server A on our network on the previously mentioned ports and likewise Customer B will hit Server B.
I'm going through a trial run on the XG230. I've created my firewall rules/NAT rules using the Server Access Assistant and whilst things seem to be working I am getting a some connection timeouts on 3 of my off site servers. The one without any issue just so happens to be placed highest in the firewall rule order.
My first question, can the Sophox XG/XGS hardware handle port forwarding where the destination port is the same but the destination IP is different depending on the source IP?
Are there any settings I can tweak to help with the connection timeouts? I've checked the usage graphs and it doesn't seem to be a case of the XG struggling to cope with the traffic. We have a Gig line too so bandwidth is not the issue here. I do have one train of thought that it could be my servers themselves but thought I'd post here to check if the XG/XGS can do what I want it to do and if there are any recommended settings for this sort of setup.
Thanks
This thread was automatically locked due to age.
