Sigh my browser died and I have to write this again. It was a lot more creative before, I can tell you that.
So I have a datacenter with a Sophos UTM 9.506-2 cluster as my gateway. I've created a new VLAN210 which is not supposed to talk to VLAN31 for example. To accomplish this I've created a firewall rule. See below for details.
ping from a VLAN31 machine to a VLAN210 machine is still working though. traceroute shows the VLAN31 gateway as the first hop and the next is the target machine. Our firewall environment is a jungle made of wildly thrown rules with much of a concept dealing with spontanous situations. However the VLAN210 is completly new and I couldn't find firewall rules that have source and destination set to ANY that would overrule something. I've tried to set this firewall rule to the top and to the bottom, no effect though.
I don't expect you to magically solve this problem for me. I'd rather solve it myself with some hints from you to look at this from a fresh perspective. Apparently I'm out of options and it kills me that this is not working as expected since it's not rocket science. I'm in general not new to Sophos which makes this much more frustrating. If you have any questions or need more information just let me know.
Kind Regards and my deepest apologies for wasting someones time
This thread was automatically locked due to age.
