
Dual WAN without Uplink Balancing

Hi

Sorry for the novel, but I wanted to give details.  What is the best way to enable multiple ISP uplinks but without the uplink balancing or having to configure multipath rules?  I have 2 WAN connections, but obviously when you set a default gateway on both, it enables uplink balancing and I understand why.  I don’t want this, but need to enable both connections for use as I will describe here.

We host separate private clouds for several of our customers using vSphere.  Each customer is behind their own virtual Sophos UTM, which is behind our active/standby pair of SG 310s.  On the 310, we set up a source-NAT and destination-NAT so each customer virtual UTM has its own public IP, via NAT.  This worked great until we needed another /26 IPv4 space (WAN2).  We added this to the SG310 cluster.  Shortly after, we noticed that the SG310 was dropping a lot of initial packets when doing a ping, etc.  I created a multipath rule to force one of the virtual firewalls to go over WAN1, which the SNAT is using anyways, and it no longer dropped packets.

So, given the scenario where both uplinks need to function, how can I tell WAN2 where to route traffic to without it requiring a default gateway?  I’m lost.

Thanks,
Nate


