Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 4 subscribers
  • Views 4007 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Routing Config For WAN interface over LAN

colly72

Hi all,

Our UTM is currently positioned next to our WAN router and we have a direct cat5 cable from the UTM eth1 WAN port to the router.  I'm wanting to setup a vm of the utm in a lab but how do i configure the routing when so that the vm routes correctly over our LAN to the WAN port, when it's not physically next to the router?



This thread was automatically locked due to age.
  • 0

    Hi,

    you will be not able to route the original WAN address over the LAN because you can't route the same subnet from two different points within the same network.

    If you have more than one public IP address you can set up one of this addresses to the WAN interface of the VM UTM, and connect a cable from the VM maschine directly to the WAN router. If it's not possible or you have no other public IP address, you can re-configure the LAN interface of the VM UTM to another subnet, set the WAN interface to DHCP or an fix IP address of your physical LAN, connect it over VM network to your LAN and allow all traffic from this IP to Internet in the physical UTM.

     

    Jas Man

  • 0 in reply to Jas Man

    Thanks for this.  I can't physically get a cable direct from our VM UTM to the WAN router, without it going over the LAN.   Could I setup a VLAN for WAN and then route traffic that way?

  • 0 in reply to colly72

    That was my first thought too, but I think it's not possible to tag a VLAN from the WAN interface to the LAN interface. You will need an aditional switch with VLAN support to do this. And it's only possible when you have another free public IP addres, because it's not possible to use the same WAN IP address on both UTMs (physical and virtual).

  • 0 in reply to colly72

    Why do you need a public IP for the virtual device?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    The hardware UTM that we currently have has a public IP on the WAN interface, so I'm trying to replicate that.

     

    Cheers,

    Michael

Unfiltered HTML