SMA 410 using two ports to connect two different Router/Firewall

Hi all,

Here’s the current setup and my thoughts on the next steps:

Our SMA 410 is currently connected to the firewall. We are adopting a service provider SD-WAN solution; however, their device only supports WAN failover and not load balancing. Our existing site-to-site VPN is tied to the IP block on ISP#2. Since setting up a new site-to-site tunnel would require significant administrative effort, I am considering keeping the firewall connected to ISP#2 until a new tunnel is established. Please see the diagram below for reference.

In the meantime, I have a few questions:

  1. Remote Client Access: To allow remote clients access to resources over the VPN tunnel, can I use another link connected to the firewall?
  2. Network Segmentation: Should I assign X1 and X2 to two separate networks?
  3. NAT Configuration: Should I configure NAT on both the SD-WAN device and the firewall using the public IP on the SMA VPN?
  4. IP Pool Management: Is it better to use the same IP pool for remote clients, or would assigning a separate pool be more efficient?

I would appreciate any recommendations or best practices you might have regarding this setup.

Category: Secure Mobile Access Appliances