<div>
Excellent. &nbsp;I will look into these options.
</div>


<div>
Okay it doesn't seem to be working. &nbsp;I believe everything is setup properly. &nbsp;I must be missing something. &nbsp;Even though everything is configured the Uplink Monitoring still shows the Guest one as Offline. &nbsp;Not sure why. &nbsp;On the interfaces it is shown as UP.<br />
<br />
See attached images<br />
<a href="https://filedb.experts-exchange.com/incoming/2016/01_w04/1074604/Interfaces.jpg" target="_blank" class="file-inline" title="Interfaces (56 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Interfaces.jpg</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2016/01_w04/1074605/Uplink-Balancing.jpg" target="_blank" class="file-inline" title="Balancing (71 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Uplink-Balancing.jpg</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2016/01_w04/1074606/MultiPath.jpg" target="_blank" class="file-inline" title="MultiPath (41 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>MultiPath.jpg</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2016/01_w04/1074607/Uplink-Monitoring.jpg" target="_blank" class="file-inline" title="Monitoring (20 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Uplink-Monitoring.jpg</a>
</div>


MultiPath.jpg

Uplink-Monitoring.jpg

Interfaces.jpg

Uplink-Balancing.jpg

<div>
looks good.<br />
now all traffic should be routed over the working interface?<br />
<br />
the UTM use different hosts to monitor the link availability. <br />
if Host is reachable ... link is OK. &nbsp; Works reliable.<br />
seems the configuration for the second IF is not correct... or the provider-link is not up...<br />
try traceroute (from support/tools or CLI) to secondarys IF gateway.<br />
try disable primary IF and traceroute to 8.8.8.8 <br />
so you can check IF connections.
</div>


<div>
I want it to route like this<br />
<a href="https://filedb.experts-exchange.com/incoming/2016/01_w04/1074611/Network-Diagram.jpg" target="_blank" class="file-inline" title="Routing (51 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Network-Diagram.jpg</a>
</div>


Network-Diagram.jpg

<div>
Ok here is an update. &nbsp;Everything might be setup alright but as soon as I enable uplink balancing I get an error on my second WAN link. &nbsp;Not sure why. &nbsp;If I turn off uplink balancing the error goes away but I cannot use both internet connections at that time.
</div>


<div>
what if you disable the &quot;primary&quot; ISP link? traffic should go through secondary now.<br />
You should be able to ping internet and traceroute targets at the internet &quot;tracert 8.8.8.8&quot; to see the used path.<br />
Possible you need masquerading for secondary ISP connection and &quot;primary LB-link&quot; too.
</div>


<div>
I will see if I can test this. &nbsp;The primary is our main internet so I am not able to just take it offline. &nbsp;Especially if the other doesn't work. &nbsp;I will see what I can do though.
</div>


<div>
seems the secondary path is not online. uplink monitoring is reliable at my customers.<br />
try to connect the link to a notebook, configure the ip settings and test the functionality.
</div>


<div>
Sorry another fire I need to tend to. &nbsp;I will get back to this as soon as possible to try these options. &nbsp;Thanks for your assistance.
</div>


<div>
Just an update. &nbsp;I am still working with Sophos on this issue and they have not been able to find a solution yet. &nbsp;They are saying there is a problem with the ISP but when the ISP is plugged into a normal router it works fine. &nbsp;I will update once I have more info and a possible resolution from Sophos.
</div>


<div>
how you are connected to the ISP?
</div>


<div>
I am working with the Sophos support on this issue but it will be awhile as other projects are coming up. &nbsp;I just want to make sure i award you your points for assisting with the issue.
</div>


<div>
<div class="content wysiwyg-content">
I am not sure who out here may know the Sophos UTM products but I have a fairly simple question I believe. &nbsp;Our UTM is configured with two internal networks (1 for our office network and 1 for our Guest WiFi). &nbsp;We are also running two ISP's so we have two external WAN interfaces. &nbsp;Currently both internal networks are going out the primary external. &nbsp;I want to configure the firewall to have each internal network go out through different external networks. &nbsp;<br />
<br />
If possible I then want each external interface to be a failover for the other.<br />
<br />
Not sure how much of this is possible but that is what I am trying to get configured.
</div>
</div>


I am not sure who out here may know the Sophos UTM products but I have a fairly simple question I believe.  Our UTM is configured with two internal networks (1 for our office network and 1 for our Guest WiFi).  We are also running two ISP's so we have two external WAN interfaces.  Currently both internal networks are going out the primary external.  I want to configure the firewall to have each internal network go out through different external networks.  

If possible I then want each external interface to be a failover for the other.

Not sure how much of this is possible but that is what I am trying to get configured.

Help with Dual WAN Setup of Sophos UTM 9

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Sophos develops products for communication endpoint, encryption, network security, email security and mobile security as well as unified threat management. Products include hardware (or software virtual appliance) network firewalls including web browsing protection, AntiSpam filters and antivirus protection, encryption and data protection, web filter, antispam and mobile content and device management tools.