I cannot access a device on another subnet

Hello everyone. I recently implemented an XG125 in my office. In the Sophos I have 2 VLANs (vlan10, called LAN_Administración, with IP 192.168.1.0/24, and vlan20, called LAN_Laboratorio, with IP 192.168.0.0/24). On vlan10 I have some devices that I want to access from vlan20. With that I have had no problems, except with an IP PBX on 192.168.1.2. I can connect to it through the public IP and from within vlan10, but I cannot access it from vlan20.

 

Attached is the configuration of the firewall rule created for that device.

  •  Julio,

    I'm not sure why you're using a Business Rule for this. You should be using a standard User/Network Rule.

    Set up a User/Network Firewall Rule with all the settings you have in the photo, except in Host/red de destino* under Destino y servicio, add the zone LAN_Administracion. You will need to set up the proper security controls in Avanzado that match the zones you chose in Destino y servicio.

  • In reply to David Birdsall:

    Hi David! Thanks for answering me. I have deactivated all the rules of access to devices and I created the rule as you told me, but now I do not have access (or ping) to anything in the network 192.168.1.0/24.

  • In reply to Julio Ramos:

    I didn't want you to deactivate all rules. I just wanted you to turn off that one rule you showed before and turn on the new rule in its place.

    In Identidad, click "coincidir con usuarios conocidos" to uncheck it, and Save.

  • In reply to David Birdsall:

    It works! Thank you!

  • In reply to Julio Ramos:

    You're welcome.

    From now on, make Firewall Rules like this. The Business Rules are for very specific needs that most users don't encounter.

    If you need to make a lot of new rules at once, you can duplicate this new rule in the Firewall Rule list and modify as necessary.