Overview
This article shows you how to configure Failover for two WANs on Sophos XG device. Thereby, it helps to support the main WAN when having problems, the remaining road will help the network in the enterprise to be maintained and operated continuously
This article will be configured according to the following network diagram:
How to configure
Step 1: Log in to Sophos XG by Admin account
Step 2: Configure 2 Ports to Sophos XGās WAN port
- Network -> Interfaces
- Select the Port you want to configure to WAN
- Enter information for Port
-> Click Save
- You can configure the same configuration for the other site
Step 3: Configure Failover for WAN
- Network -> WAN link manager
In the main WAN: Click Edit icon
- Choose Active
- Weight: 1
-> Click Save
In WAN Backup: Click Edit icon
- In the Active This Gateway section: Select If -> Select main GW
- In Action on activation: Select Inherit weight of the failed active gateway
- In Action on fallback: Select Server new connections through restored gateway
-> Click Save
- You can configure the same configuration for other site
Step 4: Create firewall rules for 2 sites that can ping each other
- Rules and Policies -> Click Add firewall rule -> User/network rule
- Enter the name for the rule
- In the Rule position: Select Top
- In the Source zones: Select WAN
- In the Source networks and devices: Select Any
- In the Destination zones: Select LAN
- In the Destination networks: Select Any
- In the Services: Select ICMP
-> Click Save
Step 5: Check Ping and Tracert between two sites
Step 6: Check to try to remove the main WAN line to see if the system switches to Backup line
Leave a Reply