Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 26 subscribers
  • Views 3445 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to setup NAT out 2nd WAN in V16

Patrick Todd

I am replacing a current Untangle FW with a Sophos XG unit running V16 and am unsure how to properly setup SIP rules. We have a DUAL WAN, one bonded T1 and 1 Fiber connection.

Image for reference:

 

I need to be able to let regular traffic go out the WAN but specifically traffic from the SIp server to go out the T1 while also setting up NAT to allow the SIP server to be seen as the IP of the T1.

 

I created some network rules (unfortunately I am not onsite to copy them) but was thoroughly confused on how to set this up properly. From what I can tell NAT is done via a 'Business Application Rule' not 'Network Rule' is that correct?

How would I go about creating a Business rule in v16 (the interface looks a bit different from most of the knowledgebase articles which are mostly from october 2015) that:

 

A) NAT for SIP server

B) Pushes all SIP traffic out T1, All other traffic out Fiber WAN.

 

Do I need static routes for this as well?

 

Thanks in advance!



This thread was automatically locked due to age.
  • 0

    Patrick,

    in order to use the proper gateway (so public IP you need), you have to configure both gateway inside Routing > Gateway.

    On the Firewall Network Rule, select the source zone and wan as destination and under the advanced section (always inside the rule) select the gateway you would like to use and the proper NAT.

    For the Business Application Rule, to select the proper public IP to listen to select it under destination host/network and dnat to the internal device under protected server.