Improve company productivity with a Business Account.Sign Up

x
?
Solved

WatchGuard - Configuring 2 External Interface IPs for Separated Outbound Traffic

Posted on 2014-04-11
4
Medium Priority
?
790 Views
Last Modified: 2014-04-21
I have a WatchGuard XTM 26-W that is configured with two wireless access points. One is set to bridge to a trusted interface, the other is set to bridge to a separate trusted interface. I already have the first trusted interface working / using the first External interface on the WG, but the second wireless/trusted interface also seems to be using the first External interface. I would like for the second Wireless Access / trusted interface traffic, both inbound and outbound, to flow through the second External interface / IP address.

Is this possible?
0
Comment
Question by:TogaMario
  • 2
4 Comments
 
LVL 6

Accepted Solution

by:
Jon Snyderman earned 1000 total points
ID: 39995366
Yes.  You need fireware PRO.  Then you create seperate rules.for the second AP and use policy based routing (PBR) to force the traffic to the second external interface.

~Jon
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 39995980
you can also specify the interface in the nat rule

http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/nat/nat_dynamic_firewall_add_c.html%3FTocPath%3DNetwork%20Address%20Translation%20%28NAT%29|About%20Dynamic%20NAT|_____1

i'd assume the source addresses are not the same so you would configure one NAT rule per subnet with the corresponding interface. watchguard shoud be able to use the proper IP (doc 2 pages below states so)

if your multi-wan setting is correct (or if they are tunnel interfaces) the watchguard should select the proper routes. if not, see here http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/multiwan/routing_table_configure_c.html%3FTocPath%3DMulti-WAN|Configure%20Routing%20Table|_____0
0
 

Author Comment

by:TogaMario
ID: 40000873
Thank you for the fast turn-around. I will update as soon as I have access to the system again and am able to test these out.
0
 

Author Closing Comment

by:TogaMario
ID: 40013654
That's exactly what I was looking for. Thanks, Jon
0

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question