This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using location A subnet on a switch port at location B

Not sure if this belongs here or under VPN. I have multiple locations that are all connected via red tunnels. Each location has its own subnet. Everything works as it is currently setup - Location A can ping / access services, etc. from location B. VLAN traffic is passed as it should be.

Now for the tricky part - in "Location B", I need to put one of the ports on the subnet for "Location A". In other words, I'd like to be able to plug something into a port on my switch in location B and have it think it is in Location A.

I thought maybe I could just add an interface on the physical interface in the remote location and tag it as a VLAN and give it a static IP address from the Location a subnet. When I do that, it does't work - in fact it basically shuts off all traffic to between location A and location B. (as soon as I disable the new interface everything returns to working as it should.

Any guidance would be appreciated. Thank you.

This thread was automatically locked due to age.

Parents

0 IanMorehouse over 8 years ago

Did you setup the vlan all the way back to the host UTM?

Ian,

home UTM 9.x running in ESXi 6 e3-1275v2

AP55c and AP10 (courtesy Astaro)

Three other UTMs, SUM and SFM in hibernation

XG 15.x MR3 in hibernation
Cancel
Vote Up 0 Vote Down

Cancel
0 GlennCoolong over 8 years ago in reply to IanMorehouse

I have the same VLAN I both UTMs, and no luck.
Cancel
Vote Up 0 Vote Down

Cancel
0 IanMorehouse over 8 years ago in reply to GlennCoolong

Hi Glenn,
I can only go on theory, no experience with RED. I suspect you will need a route in the far end red to point the traffic at the vpn. Also you wouldn't tag the VLAN on the UTM or RED because they would be normal ports.

Ian,

home UTM 9.x running in ESXi 6 e3-1275v2

AP55c and AP10 (courtesy Astaro)

Three other UTMs, SUM and SFM in hibernation

XG 15.x MR3 in hibernation
Cancel
Vote Up 0 Vote Down

Cancel
0 SteveHart over 7 years ago in reply to IanMorehouse

Ian, did you ever get this working? I have the same exact scenario.
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 7 years ago in reply to SteveHart

Hi Steve,

I don't have access to a red to try this out. I am a home user of both XG and UTM

XG115W - v20 GA - Home

XG on VM 8 - v20 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 7 years ago in reply to GlennCoolong

Hi, Glenn, and welcome to the UTM Community!

To do this, you will need to add a second RED tunnel between the sites. In site A, bridge the reds# with the subnet that a port on site B should be able to join.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 7 years ago in reply to SteveHart

Steve, does my reply to Glenn give you enough information to accomplish this?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 SteveHart over 7 years ago in reply to BAlfson

It helps Bob, but I'm still over my head.

We're looking at an alternative plan.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 7 years ago in reply to SteveHart
Here's the problem, you need to "transfer" an Ethernet connection to the other side. The way the original RED connection between the two sides is configured, that can't be done. The RED connection is like a loooong Ethernet cable, so we just make a second connection.

On the far side (let's assume it's the Client side), we assign redc1 to an Interface defined on VLAN2 and give it an IP from the subnet on VLAN2 on our (Server) side.

On our side, we bridge reds1 to the Interface defined as VLAN2.

Questions?

Cheers - Bob
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 7 years ago in reply to SteveHart
Here's the problem, you need to "transfer" an Ethernet connection to the other side. The way the original RED connection between the two sides is configured, that can't be done. The RED connection is like a loooong Ethernet cable, so we just make a second connection.

On the far side (let's assume it's the Client side), we assign redc1 to an Interface defined on VLAN2 and give it an IP from the subnet on VLAN2 on our (Server) side.

On our side, we bridge reds1 to the Interface defined as VLAN2.

Questions?

Cheers - Bob
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data