This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multi Tenant Site to Site RED

Hi All,

I have a small Datacenter with an SG210.  I have some (around 20) clients with SG units at their location.

I have created site-to-site Red tunnels for my own use, but never for multiple tenants.

 

I've got the following to answer:

  1. Looking for a "rinse and repeat" strategy so that one I get one done, I just "rinse and repeat"
  2. Some of my clients Internet/LAN are the same, eg. 192.168.1.0/24
  3. Can I possibly bridge the RED tunnel to a VLAN on the DC  Sophos
  4. Has anyone done this ?
  5. Does Sophos has a consulting department that architect this ?

 

Thanks in Advance,

 

G



This thread was automatically locked due to age.
  • Hi Gbridge,

     

    1. see below "to 1"

    2. unfortunately not. if you only use the UTM to Bridge RED to VLAN it will work - if you use the UTM as a Gateway for the Client Networks it won't work. since utm has only one Routing table. one way would be to add a small NAT router with VRF enabled to gain multiple Routing Instances and use "1 on 1" NAT to translate the full net to a "datacenter local" unique Network.

    3. it is possible, see "to 1"

    4. --

    5. Sophos has Partners to sell their products and to do Consulting - you can search for a Partner or ask Sophos to name one. Sophos helps their Partner with uncommon Projects.

     

     

     

    to 1)

    - Create Vlan Interface

    - Create RED Definition (just stop after creating RED, do not Use the newly build virtual "red1" Interface)

    - go to Interface Settings click "Edit" on your new vlan Interface, select Bridge from "Interface type" and add the new red Interface to Bridge-interfaces selection.

    - you're done.

     

    Yours Lukas

    lna@cema

    SCA (utm+xg), SCSE, SCT

    Sophos Platinum Partner

  • Hi Lukas,

     

    Thanks so much for the help!

    I should have mentioned that I an a Sophos Partner, but I have never done something like this.....

     

    I am/was hoping that someone has done/is doing this already.....

     

     

    Thanks again,

     

    G

  • as you are a Partner, you can ask your Account Manager or your regional Presales engineer.

    lna@cema

    SCA (utm+xg), SCSE, SCT

    Sophos Platinum Partner