Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 3007 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

up-link balancing with multiple LAN's

Asankag

Dear Team,

 

I have a small configuration issue. First of all following is my config.

01. I have two WAN links from two different ISP's. up link balancing is also activated. both links are on the active interface group and weight is 100 for both links.

02. first I created a one LAN 1 and everything was working fine. (192.168.101.0)

03. Then created a another interface for another LAN 2. (192.168.102.0)

 

Now my issue is 192.168.102.0 network doesn't have internet. I have created a multi-path rule as well.

herewith I have attached some images for your reference. please let me know what needs to be done.

 

Thanks in  advance.

     



This thread was automatically locked due to age.
Parents
  • 0

    Hey Asankag.

    First, you wanna change your firewall and multipath rules destination to "Any" or "Internet". Your rules as it is are only allowing connection to your external interface, not the external world. I would also create a Network Group containing your LANs' Network Interface and put it on the NAT rule instead of "Any", just to be on the safe side. As it is, any packet reaching your UTM could be potentially NATed. Everything else looks OK. You might wanna check Rulz for a better understanding and tips of how to figure out what's wrong.

    Also check if the new LAN is allowed in web protection, in case you have it active.

    Regards,

    Giovani

     

Reply
  • 0

    Hey Asankag.

    First, you wanna change your firewall and multipath rules destination to "Any" or "Internet". Your rules as it is are only allowing connection to your external interface, not the external world. I would also create a Network Group containing your LANs' Network Interface and put it on the NAT rule instead of "Any", just to be on the safe side. As it is, any packet reaching your UTM could be potentially NATed. Everything else looks OK. You might wanna check Rulz for a better understanding and tips of how to figure out what's wrong.

    Also check if the new LAN is allowed in web protection, in case you have it active.

    Regards,

    Giovani

     

Children
No Data
Unfiltered HTML