General Discussion Sophos UTM 9: Web browsing by using a second WAN

UTM Firewall requires membership for participation - click to join

Thread Info

State Suggested Answer
Locked Locked
Replies 9 replies
Answers 1 answer
Subscribers 4 subscribers
Views 5719 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9: Web browsing by using a second WAN

Osvaldo Cigolini over 8 years ago

I would like to set up web browsing by using a second WAN or a secondary IP address of the same WAN, all with Web Protection

Thank you

This thread was automatically locked due to age.

Parents

0 zaphod over 8 years ago

use a multipath rule for that.. (Interfaces&Routing / Multipath-Rules)...
Cancel
Vote Up 0 Vote Down

Cancel
0 Osvaldo Cigolini over 8 years ago in reply to zaphod

With another customer was not able to configure a second interface for outgoing traffic
Cancel
Vote Up 0 Vote Down

Cancel
0 zaphod over 8 years ago in reply to Osvaldo Cigolini

i dont have this option under global webfiltering.. just dont use this option... use multipath rules webfilter should work too

which firmware you have installed? wondering why i dont see this optional option to choose wan port...
Cancel
Vote Up 0 Vote Down

Cancel
0 Osvaldo Cigolini over 8 years ago in reply to zaphod

9.407-3
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 8 years ago in reply to Osvaldo Cigolini

Hi, Osvaldo, and welcome to the UTM Community!

I'm sorry, but I deleted the external link in your post. Please Edit that post, and drag-n-drop your image into the post. We can't know if that external site is properly protected. The only malware I've gotten in over 10 years was from an external link to a picture in this forum several years ago. Thanks in advance!

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 8 years ago in reply to Osvaldo Cigolini

Hi, Osvaldo, and welcome to the UTM Community!

I'm sorry, but I deleted the external link in your post. Please Edit that post, and drag-n-drop your image into the post. We can't know if that external site is properly protected. The only malware I've gotten in over 10 years was from an external link to a picture in this forum several years ago. Thanks in advance!

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Osvaldo Cigolini over 8 years ago in reply to BAlfson
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 8 years ago in reply to Osvaldo Cigolini

Thanks, Osvaldo. Interesting! The devs have added a field 'out_interface' to the HTTP Profile objects. Apparently, this is an enhancement that's coming soon. I guess someone at Sophos uploaded a ready-to-release rpm to enable this UTM to have this feature.

Is this a client's UTM and was there recently an issue that required that Sophos Support SSH into the device?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 Osvaldo Cigolini over 8 years ago in reply to BAlfson

I remember now. This change, very useful because it allows you to customize the use of a specific interface for each profile, I had made to implement the technical support of our dealer, and only now I remember that was done via SSH. But the technical support is no longer available, but I would like to turn this on.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 8 years ago in reply to Osvaldo Cigolini

This does not appear to be a setting that you can activate. You would need to have Sophos Support SSH into the target UTM and add new programming to it. If you are the reseller, you might be able to make a case for that. If you are an end user, you will need to have your reseller request that from Sophos if you have Standard Support. If you have Premium, you can open your own case at Sophos Support.

To have traffic leave with the IP of an Additional Address "Browsing," make a NAT rule like:

SNAT : External (Address) -> Web Surfing -> Internet : from External [Browsing] (Address)

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel