Thread Info
  • State Not Answered
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Subscribers 30 subscribers
  • Views 14027 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN Gateway IP on a different Subnet

Hasan Fakih1

Multiple VPS and online server providers these days provide you with a gateway IP that is on a different subnet than the WAN IP. On pfSense, Forefront TMG and Untangle firewalls, I can add the gateway IP even when it's on a different Subnet, but on Sophos XG it's not possible and I couldn't figure out any workaround for it. Anyone have an idea?

 

I forgot to mention that this issue does not exist on Sophos UTM.



This thread was automatically locked due to age.
Parents
  • 0

    Hasan,

    this feature has not been implemented yet on XG. Open a feature request on ideas.sophos.com > XG Firewall Section and post the url here.

    Thanks

  • 0 in reply to lferrara

    anyone know of new developments or workarounds for this?  just ran into the same problem on XG330 SFOS 17.0.6 MR-6 where an interface configured on an isp's /26 will need to use an ip from a separate /30 from the isp as the gateway due to the way this particular network is setup. 

  • 0 in reply to onward

    Hi,

    you didn't answer my question, what type of external connection are you using?

    Below is a screenshot from my XG'g external interface.

  • 0 in reply to rfcat_vk

    i'm actually not the original poster, just found this post searching.  external connection is ipv4, wan zone, /26 delivered over a 100Mb fiber link vlan'd from the isp. error the xg throws is "Interface IP and gateway IP address must be in the same network".  the goal is to send traffic from this interface on the /26 through an ip on a /30 configured on another device from the same isp.  legacy asa5510 i'm referencing is doing this with a default route but it only has a single wan interface which simplifies that.  xg will have multiple wan interfaces with a couple isp's which complicates static routing but maybe i'll come up with something between static + policy routing but this would probably require being able to configure the interface ip without a gateway.

     

  • 0 in reply to onward

    Hi,

    I have two interfaces on my XG, one uses DHCP and the other PPPoE. Both are gateways using firewall rules. I will remove the UTM in front of one of the interfaces so can check the provided DHCP addressing details and post back here.

    Ian

    Checked using the XG and DHCP on the interface and received a /16 which sort of overcomes your issue. Then tried PPPoE n the same interface and ended up with different addresses as shown in the previous post.

    Ian

  • 0 in reply to rfcat_vk

    I believe the original question and my own regards manual configuration of static wan ip's rather than auto-configured pppoe or dhcp wan ip's.

Reply Children
No Data