Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 6648 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to Route Traffic through LAN Alias

Shahzad Ali

Dear Team,

i have a problem below is the scenario.

What I configured:

LAN1: (Physical interface) 192.168.0.225

LAN1:0 (Alias Virtual Interface) 192.168.0.227

LAN1:1 (Alias Virtual Interface) 192.168.0.228

 

ISP1: (Configured on Physical interface)

ISP2: (Configured on Physical interface)

ISP3: (Configured on Physical interface)

What I want:

 

LAN1: (Physical interface) 192.168.0.225 Traffic go from this interface ISP1: (Configured on Physical interface)

LAN1:0 (Alias Virtual Interface) 192.168.0.227 Traffic go from this interface ISP2: (Configured on Physical interface)

LAN1:1 (Alias Virtual Interface) 192.168.0.228 Traffic go from this interface ISP3: (Configured on Physical interface)

Explanation:

i want to route some users traffic from LAN1 to ISP1 ,LAN1:0 to ISP2, and LAN1:1 to ISP3. I tried almost anything but traffic didnot route through my desire interfaces.

i am also going to attached my firewall configuration screenshots.Please view and suggest me some solution.

 

i am using Sophos XG-220 and firmware version 16.5

 

 

 

 

 

 



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Shahzad Ali

    Hi,

    at this stage you cannot use vlan IDs in firewall rules.

    Also you will need a firewall rule for each external interface.

    destination any, network any, source any, network any, match known user group a (IP range of users on VLAN a) - your NAT rule would point at ISP 1

    destination any, network any, source any, network any, match known user group b (IP range of users on VLAN b) - your nat rule would point at ISP 2

    destination any, network any, source any, network any, match known user group c (IP range of users on VLAN c) - your nat rule would point at ISP 3.

    Hope that helps

    Ian

    editted - spelling and punctuation.