Hi All:
I've got a ASG 320, running 9.309-3. I just got a new SG330 as a hardware upgrade. I got a 30-day temp license for it from Sophos. It had a version prior to 9.309-03 running on it, but updated to 9-309-3, same as the ASG.
I exported the running config and imported it to the new box for testing. Looked over the config on the new box and all seemed there. I switched traffic over to it, and initially all seemed OK. I've got four Ethernet connections - three straight standard Ethernet (internal, primary external, etc.) and one trunk connection with four VLAN's on it - including the secondary internet connection, DMZ, etc..
However, I've got several DNAT/SNAT's running, for outside people to access an internal database, using additional addresses. Although the management console showed all the addresses were up, they wouldn't function. Couldn't connect to them. Rebooted the SG330 (twice even) no joy.
The DNAT/SNAT's were done before full NAT was available.
I've also got a dual internet connection - different carriers, etc. and have uplink balancing with multipath rules set up (most traffic goes out the primary unless it fails, then goes over to the secondary, and some traffic - like our BYOD wifi hotsopts goes out on the secondary, and fails over to the primary). But didn't look like it was using the secondary, even though showed as up.
Also, I've got four hardware VPN connections, three connect over the primary internet connection, and one over the secondary. The three over the primary came up, but the one over the secondary didn't.
I have a Sophos software VPN from home, and it came right back up, but it's using the primary IP address.
I had it up about an hour, and no changes.
I plugged the cables back into the old ASG 320, and all came right back up - NAT's, VPN's, etc.
Any ideas?
John S.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
