Alias Setup Multi WAN IP, PPPoE, Two LANs

  Our environment has three sites connected via VPN tunnels to each other. Two main sites are using an XG115 and an XG105, firmware 17.0.3 MR-3. Third site is a maintenance site using a non-Sophos firewall connected to the main sites via IPsec Site-To-Site tunnel. The two main sites are (now) connected via SSL Site-To-Site. To get going initially, I have our XG115 using the ISP's PPPoE-assigned IP address for all traffic for these connections.
 
  I now want to start using the /29 block of public IP addresses available to the XG115 and begin by creating an alias on the WAN port. After adding this alias, traffic to/from the two Sophos devices stops. Connection indicates that it is up on both devices, but traffic does not move. Connection to/from the non-Sophos site is running fine to both XG sites at all times. I would use IPsec Site-To-Site between the two XGs, but firmware 17.0.3 has one of the XGs constantly reconnecting the tunnel (and sending me ~6 emails a minute telling me about it). If I reboot the XGs, the last one to finish rebooting is the one reconnecting/emailing.

  Ideally I would like to change all traffic over to the assigned block of public IPs as I learn how to do it, but since I am killing traffic at what I consider the first step (creating an alias), I either have a problem in configuration that I am unaware of or something else isn't right. Reading about a Sophos patch from almost 2 years ago makes me wonder if I need this patch or if newer firmware releases addressed the contents of that patch. While talking to Sophos about this, they did not know anything about a patch. Maybe I did not explain my problem well enough to them, though.

  I would like to route main traffic on one public IP to port 1, which is our main LAN, and I would like to route some other traffic from a second public IP to a separate LAN using physical port 4. I have found posts and documents describing how to direct traffic to a specific server, but have yet to fully grasp all of this, plus I want to route traffic through port 4 to all devices on our second LAN. Is there a how-to to get me going?

  As a work-around, I could use a separate public IP to send secondary traffic to a specific device (another router) on the main LAN (on port 1) if the specific device uses the second public IP while outgoing. But, again, creating the alias stops me.

  Thanks for any insight you can offer!


