Full NAT forwarding from internet

I need to route traffic to another network behind our DC.

 

internet --> Sophos UTM ----{cross connect}--> backend router to another network --> destination server

1.1.1.1 --> 10.10.10.1 --> 192.168.10.10 --> 10.50.50.1 (assuming those are the IPs).

 

From the internet, the connection from the device will be 10.10.10.1:12345, so Sophos will do DNAT to 10.50.50.1:56789. This does not work because traffic cannot go back through the backend router, as this is a secondary router (in another network) which only allows private network subnets.

After doing a lot of reading, I think I need to use Full NAT. However, I am not sure how to get it working. I tried Full NAT and changed the source IP to that of 10.10.10.1, but traffic stopped there. It does not route back to the source 1.1.1.1.

Appreciate any help on this.



This thread was automatically locked due to age.
  • Good morning and welcome to the UTM Community!

    It sounds like you need a Static Gateway Route in the UTM - one like '10.50.50.0/24 via {IP of backend router}'.

    Did that fix your issue?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
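
A small model of the packet path discussed in this thread, added here as an illustration and not posted by either participant. It follows one connection through DNAT-only and Full NAT, with and without the gateway route from the reply. Assumptions: `UTM_XCONN` (the UTM's address on the cross-connect), the client port 40000, and reading "only allows private network subnets" as the backend router forwarding only to private destinations.

```python
import ipaddress as ip

# Addresses and service ports are the ones in the thread. UTM_XCONN, the UTM's
# address on the cross-connect, is an assumption (the thread does not give it).
CLIENT, UTM_WAN, ROUTER, SERVER = "1.1.1.1", "10.10.10.1", "192.168.10.10", "10.50.50.1"
UTM_XCONN = "192.168.10.1"
STATIC_ROUTE = {"10.50.50.0/24": ROUTER}  # the gateway route suggested in the reply


def next_hop(routes, dst):
    """Longest-prefix match over a {cidr: gateway} table; None when no route matches."""
    hits = [ip.ip_network(n) for n in routes if ip.ip_address(dst) in ip.ip_network(n)]
    return routes[str(max(hits, key=lambda n: n.prefixlen))] if hits else None


def router_forwards(dst):
    """Assumed backend router policy: it only has paths to private subnets."""
    return ip.ip_address(dst).is_private


def simulate(full_nat, routes):
    """Follow one connection to UTM_WAN:12345 and its reply; return (ok, detail)."""
    conntrack = {}
    # UTM, inbound: DNAT rewrites the destination, Full NAT rewrites the source too.
    src = (UTM_XCONN, 40000) if full_nat else (CLIENT, 40000)  # 40000: constructed port
    dst = (SERVER, 56789)
    conntrack[(dst, src)] = ((UTM_WAN, 12345), (CLIENT, 40000))  # reply tuple -> original
    if next_hop(routes, SERVER) != ROUTER:
        return False, "UTM does not route the server network via the backend router"
    if not router_forwards(dst[0]):
        return False, f"backend router has no path for {src[0]} -> {dst[0]}"
    # Server answers the source it saw; the reply crosses the backend router again.
    r_src, r_dst = dst, src
    if not router_forwards(r_dst[0]):
        return False, f"backend router has no path for reply {r_src[0]} -> {r_dst[0]}"
    # UTM, outbound: the NAT state entry restores the original addresses.
    orig = conntrack.get((r_src, r_dst))
    if orig is None:
        return False, "reply matches no NAT state"
    return True, f"{orig[0][0]}:{orig[0][1]} -> {orig[1][0]}:{orig[1][1]}"


if __name__ == "__main__":
    for name, full, routes in [("DNAT only", False, STATIC_ROUTE),
                               ("Full NAT, no route", True, {}),
                               ("Full NAT + route", True, STATIC_ROUTE)]:
        print(name, simulate(full, routes))
```

In this model the client only gets an answer when the server sees a private source address that leads back to the UTM and the UTM has a route to 10.50.50.0/24 via the backend router.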