multiple public adress

Question

Hello 
 I got an SG135 with 8 eth. 
 i have 4 lans (on 4 eth) and a Wan (on 1 eth) . 
 I have 5 public Ip adresses. 
 my config is : 
 
 eth0 : 192.168.1.254 
 eth1 : 192.168.2.254 
 eth3 : 192.168.3.254 
 eth 4 : (for example : 12.12.12.12 /29) 
 
 on eth0 --> LAN (1) 192.168.1.1 to 192.168.1.250 
 on eth1 --> LAN (2) 192.168.2.1 to 192.168.2.250 
 on eth2 --> LAN (3) 192.168.3.1 to 192.168.3.250 
 
 On each lan, when a pc goes to www.monip.org my public ip is 12.12.12.12 
 I want to have in LAN (1) the public ip 12.12.12.13, in LAN (2) the public ip 12.12.12.14 
 
 I try this 
 
 then 
 
 and

but it doesn't work .... 
 any ideas ??

kerobra_retired · Answer

Hi St&eacute;phane, 
 first and very important question: are you using the Web Protection? If yes: any proxied traffic is leaving the UTM over the WAN interfaces IP address, you can not change this behaviour! If no: 
 
 you will need to have the other 4 public IPs being configured as additional addresses (2nd tab on interfaces section).
 
 note that for every additional address the definitions (address), (broadcast) and (network) are created automatically 
 keep in mind that these objects get names like: "WAN interface name [additional address interface name] (Address)" 
 I would recommend to name WAN interface only WAN and the additional interfaces to the ending octett of the public IP so you will get a "WAN [.123] (Address)" entry for example. Makes your life easier when selecting the created definitions anywhere.

you will need at least 3 SNAT rules like this:
 
 Rule type: SNAT 
 Matching condition
 
 For traffic from: LAN1 (Network) 
 Using service: Any 
 Going to: Internet IPv4

Action
 
 Change the source to: external Interface (Address) object 
 no change to the service entry

But as I said: any proxied traffic will still use the Sophos first external IP (that one that is directly configured on the WAN interface).

multiple public adress

Submitted a Tech Support Case lately from the Support Portal?