Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 5746 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9: Web browsing by using a second WAN

Osvaldo Cigolini

I would like to set up web browsing by using a second WAN or a secondary IP address of the same WAN, all with Web Protection

Thank you



This thread was automatically locked due to age.
Parents
  • 0

    use a multipath rule for that.. (Interfaces&Routing / Multipath-Rules)...

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • 0 in reply to zaphod

    With another customer was not able to configure a second interface for outgoing traffic

  • 0 in reply to Osvaldo Cigolini

    i dont have this option under global webfiltering.. just dont use this option... use multipath rules webfilter should work too

    which firmware you have installed? wondering why i dont see this optional option to choose wan port...

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • 0 in reply to Osvaldo Cigolini

    Hi, Osvaldo, and welcome to the UTM Community!

    I'm sorry, but I deleted the external link in your post. Please Edit that post, and drag-n-drop your image into the post. We can't know if that external site is properly protected. The only malware I've gotten in over 10 years was from an external link to a picture in this forum several years ago.  Thanks in advance!

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to Osvaldo Cigolini

    Hi, Osvaldo, and welcome to the UTM Community!

    I'm sorry, but I deleted the external link in your post. Please Edit that post, and drag-n-drop your image into the post. We can't know if that external site is properly protected. The only malware I've gotten in over 10 years was from an external link to a picture in this forum several years ago.  Thanks in advance!

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to Osvaldo Cigolini

    Thanks, Osvaldo.  Interesting!  The devs have added a field 'out_interface' to the HTTP Profile objects.  Apparently, this is an enhancement that's coming soon.  I guess someone at Sophos uploaded a ready-to-release rpm to enable this UTM to have this feature.

    Is this a client's UTM and was there recently an issue that required that Sophos Support SSH into the device?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    I remember now. This change, very useful because it allows you to customize the use of a specific interface for each profile, I had made to implement the technical support of our dealer, and only now I remember that was done via SSH. But the technical support is no longer available, but I would like to turn this on.

  • 0 in reply to Osvaldo Cigolini

    This does not appear to be a setting that you can activate.  You would need to have Sophos Support SSH into the target UTM and add new programming to it.  If you are the reseller, you might be able to make a case for that.  If you are an end user, you will need to have your reseller request that from Sophos if you have Standard Support.  If you have Premium, you can open your own case at Sophos Support.

    To have traffic leave with the IP of an Additional Address "Browsing," make a NAT rule like:

    SNAT : External (Address) -> Web Surfing -> Internet : from External [Browsing] (Address)

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA