First time setup

Hi,

I'm new to UTMs and firewalls and all that sort of stuff. I'm trying to configure a Sophos UTM in transparent mode so that any device that connects to my network, including devices that come in from outside, is protected by the UTM. I do not want to get rid of my existing router; I want to use the UTM alongside my existing router. I have disabled DHCP on my router and enabled DHCP on the UTM, however no webpages load then. What am I doing wrong?

The IP address of my UTM is 192.168.1.100

The IP address of my router is 192.168.1.254

Nicholas



  • The first thing I recommend configuring is a transfer network between your existing router and the UTM, so that the internal network is on a different subnet. Otherwise anyone could manually configure an IP and a gateway pointing to your existing router, and the UTM would be completely bypassed...

    E.g. your router has 192.168.0.1 and the 'external' interface of the UTM 192.168.0.2, using default gateway 192.168.0.1. Your internal network can stay on 192.168.1.0, the UTM on 192.168.1.100. I personally prefer routers having .1 or .254, but that's a personal preference.

    With that constellation your router is only connected to the UTM's external interface, and the internal interface is connected to a switch and through that to all other devices. When you run the configuration wizard, a functional behavior should be present afterwards, where you can manually edit the created things to your needs.

    Gruß / Regards,

    Kevin
    Sophos CE/CA (XG+UTM), Gold Partner

  • Hi,

    Thanks for the reply (:

    I'm a little confused, however: are you saying to put the UTM on a different subnet to the router?

    Thanks

    Nicholas

  • And would this work as my UTM is running in a virtual machine?

  • Depends on the machine the UTM runs on. If it is just a PC with one NIC you can nearly skip anything containing network security features, because those, to be effective, need an internal and an external interface. You could work with VLAN interfaces to simulate two NICs, but that would limit the bandwidth of the physical NIC to something unusable in my opinion; host, vmnic1 and vmnic2 would share a gigabit uplink or whatever speed you have.

    With only one NIC you can run the virtual UTM as a dedicated proxy, but to have an effective setup your router should be capable of doing NAT only for the UTM. Otherwise a manually configured IP/gateway can always pass the UTM without the need to proxy any traffic.

    A classic firewall setup is (WAN) -> external interface -[firewall]- internal interface -> (LAN), where () is a network and -[]- the device with two NICs.

    In your setup with keeping the router it would be (WAN) -> -[router]- -> (LAN1) -[firewall]- -> (LAN2), where LAN2 is your internal network and LAN1 a network only containing router and firewall.

    Gruß / Regards,

    Kevin
    Sophos CE/CA (XG+UTM), Gold Partner

  • How do I access the UTM's config page when my computer's IP is 192.168.1.129 but my UTM's IP is 192.168.2.100? Are these two IPs on different subnets?

    Thanks

    Nicholas

  • Depends on the subnet mask you choose; they could be in the same subnet ;-) For the mostly used /24 netmasks they are on different subnets.

    Your UTM in the 2-NIC setup has 2 IPs, e.g. 192.168.1.100 on the external and 192.168.2.100 on the internal interface.

    Gruß / Regards,

    Kevin
    Sophos CE/CA (XG+UTM), Gold Partner
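
The subnet question from the last two posts, as an added example that is not part of the original thread: Python's standard `ipaddress` module shows for which masks 192.168.1.129 and 192.168.2.100 share a subnet, and audits a router -> UTM -> LAN address plan for hosts that could route around the UTM. The function names and the client 192.168.2.50 are made up for illustration, and the /24 masks are assumed.

```python
import ipaddress

def same_subnet(ip_a, ip_b, prefix):
    """True when both hosts fall in the same network for this prefix length."""
    net_a = ipaddress.ip_interface(f"{ip_a}/{prefix}").network
    net_b = ipaddress.ip_interface(f"{ip_b}/{prefix}").network
    return net_a == net_b

def longest_shared_prefix(ip_a, ip_b):
    """Longest prefix length under which the two IPv4 hosts still share a subnet."""
    diff = int(ipaddress.IPv4Address(ip_a)) ^ int(ipaddress.IPv4Address(ip_b))
    return 32 - diff.bit_length()

def audit_plan(router_ip, utm_external, utm_internal, clients):
    """Return findings for a router -> UTM -> LAN layout (interfaces in CIDR form)."""
    router = ipaddress.ip_address(router_ip)
    ext = ipaddress.ip_interface(utm_external).network
    internal = ipaddress.ip_interface(utm_internal).network
    findings = []
    if ext.overlaps(internal):
        findings.append("external and internal networks overlap")
    if router not in ext:
        findings.append("router is not reachable from the UTM external interface")
    if router in internal:
        findings.append("router sits in the client network: clients can use it as gateway directly")
    for client in clients:
        if ipaddress.ip_address(client) not in internal:
            findings.append(f"client {client} is outside the internal network {internal}")
    return findings

if __name__ == "__main__":
    # Addresses from the thread; the /24 masks are an assumption.
    pc, utm_int = "192.168.1.129", "192.168.2.100"
    for prefix in (24, 23, 22, 16):
        print(f"/{prefix}: same subnet = {same_subnet(pc, utm_int, prefix)}")
    print("longest shared prefix: /%d" % longest_shared_prefix(pc, utm_int))
    # Two-NIC plan from the last reply, with the PC still on its old address.
    # 192.168.2.50 is a constructed client that was already renumbered.
    for finding in audit_plan("192.168.1.254", "192.168.1.100/24",
                              "192.168.2.100/24", [pc, "192.168.2.50"]):
        print("two-NIC finding:", finding)
    # Original flat layout: router, UTM and clients all in one /24.
    for finding in audit_plan("192.168.1.254", "192.168.1.100/24",
                              "192.168.1.100/24", [pc]):
        print("flat finding:", finding)
```

The two addresses only share a subnet at /22 or wider, so with /24 masks the PC has to take an address in the UTM's internal network before it can reach the config page directly.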