Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 1319 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Different IP on UTM interface (WAN) than physical NIC

TheRealShadowHunter

Hello all,

Never seen this behaviour, cannot explain...

Running latest version of Sophos UTM 9 on Hyper-V (Windows Server 2012R2) for many years without any problem. 

Till now:

1. Physical NIC connected to ISP modem, IP: 84.194.34.175 (just an example) - I reveived dynamic IP from ISP

2. Interface on UTM (created at installation) IP: 84.194.22.117 (just an example)  

 

Behaviour:

 1. Both IP belong indeed to my ISP

 2. Quering my IP via a website return: 84.194.34.175

 3. Ipconfig on host returns: 84.194.34.175

 4. I can externally RDP the host via SSH when using 84.194.34.175

 5. I cannot reach my websites running on this server using 84.194.34.175 but  I can reached them using 84.194.22.117 (virtual/real webserver via UTM) 

I simply cannot grasp when I see two different IP's. Always have they been the same in UTM and physical NIC, this should not even be possible IMHO. Can this come from the virtual switch i created in Hyper-V? Still, it has been same IP for years...

For days I have been searching and trying but nothing seems to resolve this issue. I simply don't know where the IP in the UTM interface is coming from. 

I hope someone has some pointers for me. 

Thank you so much. 

Have a nice weekend.
ShadowHunter



This thread was automatically locked due to age.
Parents
  • 0

    Hoi SH,

    I think your issue is in your Hyper-V configuration.  It sounds like your UTM is working correctly.  The way a Virtual Server functions, one would expect to see traffic accepted only on 84.194.22.117.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob, 

    Thank you for your feedback. You were absolutely right, I finally got it up and running again, alas there wasn't just a single issue... but Hyper-V' messed-up configuration was the main culprit. 

    1. For some reason the virtual switches in Hyper-V didn't show any NIC's in their configuration, I could nor edit nor remove them... very messed up, always error messages

    >> I had to completely remove the Hyper-V role and reinstall it, now the virtual switches are back to normal

    2. It seems that the NIC bond to the virtual switch for WAN-side had somehow the box ticked to allow management by the OS. I believe this lead to the dual IP issue. One for the OS and one for the virtual switch. Turning this tickbox on and off confirmed this theory 

    3. The fact that my websites were not reachable also had two root caues:

    - FreeDNS was obviously wrongly updated with the incorrect IP of the UTM

    - The domain of the free subdomains I use from FreeDNS were since last week "broken", not in use anymore apperantly... (what are the odds?)

    So, after a nights work, registering new subdomains and lot of editing all is up and running again. 

    I hope one day this post can be of use to some else ;-) 

    Thank you all for you support. 

    With best regards, 

    ShadowHunter

Reply
  • 0 in reply to BAlfson

    Hello Bob, 

    Thank you for your feedback. You were absolutely right, I finally got it up and running again, alas there wasn't just a single issue... but Hyper-V' messed-up configuration was the main culprit. 

    1. For some reason the virtual switches in Hyper-V didn't show any NIC's in their configuration, I could nor edit nor remove them... very messed up, always error messages

    >> I had to completely remove the Hyper-V role and reinstall it, now the virtual switches are back to normal

    2. It seems that the NIC bond to the virtual switch for WAN-side had somehow the box ticked to allow management by the OS. I believe this lead to the dual IP issue. One for the OS and one for the virtual switch. Turning this tickbox on and off confirmed this theory 

    3. The fact that my websites were not reachable also had two root caues:

    - FreeDNS was obviously wrongly updated with the incorrect IP of the UTM

    - The domain of the free subdomains I use from FreeDNS were since last week "broken", not in use anymore apperantly... (what are the odds?)

    So, after a nights work, registering new subdomains and lot of editing all is up and running again. 

    I hope one day this post can be of use to some else ;-) 

    Thank you all for you support. 

    With best regards, 

    ShadowHunter

Children
No Data
Unfiltered HTML