Source IP of Dimension Logging Traffic

I have Watchguard Fireboxes at various locations connected to my head office with BOVPN’s.
I have a Dimension server which I recently set up to receive logging messages from the Fireboxes.
Some of the Fireboxes send their logging messages from their local LAN interface IP address, and some send their logging messages from their WAN IP.
What causes the device to choose which interface to send its logging traffic?
I am searching for differences in the configs and policies at the moment.
Any help would be appreciated.
Thank you.

Comments

Sign In to comment.