Add a unicast route
You can configure Sophos Firewall to forward unicast traffic.
To add a unicast route, do as follows:
- Go to Routing > Static routing.
- Click Add under IPv4 unicast route or IPv6 unicast route.
Enter the unicast route details.
Option Description Destination IP/netmask Specify the destination IP address and subnet mask. Gateway Specify the destination gateway address. Interface Select the Sophos Firewall interface through which traffic will leave. Distance Specify the distance. Routes with lower numbers have higher precedence. Example: Sophos Firewall will initially try and send traffic over a route with a distance of 1, rather than a distance of 5.
When the gateway and interface addresses aren't on the same network, Sophos Firewall can't route the traffic, so it stores the route. When you change the interface address so that it is on the same network as the gateway, Sophos Firewall can send traffic over that route.
If you configure a static route for a RED site-to-site tunnel, you can't select an interface. Instead, you must specify the IP address of the peer RED site-to-site tunnel.
Example settings for a LAN-LAN static route:
The unicast route appears on the Static routing page.