Two Sophos SG 230 in Active Passive HA.
Switching from Comcast cable modem to Comcast fiber connection. Comcast only provides one Ethernet port on their Siena device for the new fiber connection.
Sophos support suggested installing an unmanaged switch between the Sienna and the two WAN ports on the SG 230s to provide two ports. (Now I have a $40 switch carrying all the services for a $75M company.)
Comcast requires setting the WAN port to the xxx.xxx.xxx.6 and the gateway to x.5 and then L3 routing the public IP LAN block /29 network with 5 usable public IPs through this IP assignment.
Support said just add the public IPs as additional IPs on the WAN interface. This got my Internet access and webserver access working on one of the IP addresses.
I intend on using the other 4 addresses as follows: one for the users' remote access, one for the Exchange services and one for each IPSEC tunnel. However, I am unable to set up IPSEC point-to-point tunnels as I cannot attach to the alternate IP addresses, only the interface itself.
How do I fix this?
I currently have only one IPSEC tunnel (will soon have a second one) and it is on the external WAN connection as I could not use the additional IP addresses on that one either.