This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to configure remote site to use other Internet resource on particular video call

I have two sites using UTM 9 and connected via site to site VPN.

Site A and Site B has cisco telepresence installed but only site A can connect to a public hosted video conference bridge due to site restriction. (this no need to fix)

How can I configure site B to use site A internet if lets say site B want to connect to (public IP example) IP : 200.21.12.1  ?



This thread was automatically locked due to age.
  • I would use Policy Routing for this.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Thank you Jason for your reply. I will try your suggestion.

     

    Anyone else have suggestion?

  • Is the UTM in site A?  If so, is 200.21.12.1 in 'Local Networks' in the IPsec Connection definition and in what corresponds to 'Remote Networks' in the Cisco?  If so, then you only need a Masquerading rule in the UTM like:

    {site B network} -> External

    Routing will be handled automatically by WebAdmin.  Depending on what else you've done, you might need to create a firewall rule like:

    {site B network} -> {Services} -> {200.21.12.1} : Allow

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks bob,

    Both site has UTM9 installed.

    Here is the sample diagram of how I would like to setup my sophos.

    I want site A to access the public IP using the Site B internet.

     

  • A picture is worth a thousand words - my post above has the right answer, but I misunderstood what was where.

    You just add 200.21.12.1 to the tunnel by adding it to 'Local Networks' in the IPsec Connection in B and to 'Remote Networks' in the Remote Gateway in A.  Then, create the masquerading and firewall rules in B for 192.168.2.0/24.

    If you really only need 192.168.2.50 to reach 200.21.12.1, I would consider a separate tunnel with only those IPs.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA