Good afternoon dear Sophos wizards,
We've been finishing the installation of our SG330 (active-passive cluster) for past few days and some things need to be clarified, I hope you can help me with that.
1) HA in unlinked state
We'll have a situation where two interfaces will be bridged together and two core switches will be connected to it. We've done some testing regarding this setup. When all the four cables (two in active, two in passive node) are connected, everything is OK. When one of the cables is disconnected, HA cluster goes to UNLINKED state. My question is, whether the configuration is still being replicated between these two nods. The HA interfaces are still connected and I therefore don't see the reason why the configuration shouldn't be replicated.
2) General question concerning web protection
Does the proxy always proceed according to the 1st match or is there any chance to evaluate all the rules? Consider following example:
User is in two user groups in Active Directory (e.g. groups A,B). First rule states that group A has access only to public news websites and the rest is (including cloud services, for example) forbidden.
Second rule, on the other hand, states that group B also does have the access to cloud services and as I mentioned before. I assume the user will be denied to access cloud service, because the 1st rule denied it. Am I correct or not ? Is there any possibility to change this behavior ?
3) Notifications via email
We've set up that we'd like to be notified via emails and we'd also like to receive the backups via email. Same setup has been done in different location and it works flawlessly in there. However, we didn't receive any email sent by our firewall in our location. I didn't even find any way how to debug this issue on the box. I wouldn't blame the mail system - the 2nd Sophos is able to send mails without any problem.
Thank you in advance for your support and suggestions.
This thread was automatically locked due to age.
