Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 38 subscribers
  • Views 821 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED15 --> XG --> XG | Correct Routing

n33dfull

Hallo zusammen,

ich habe ein kleines Problem beim Routing von einem Mini Außenstandort in einen 2. Standort. 

Wenn ich von einem Client der RED15 auf einen Server in dem 192.168.3.0 Netz möchte, routet er es falsch, da die Pakete beim Tracert über die fritz.box rausgehen. 

Wenn ich die Schnittstelle 192.168.4.2 von dem Red Client anpinge erhalte ich eine Antwort. 

Könnte das noch an einer FW Regel liegen ? (Sehe jedoch keine Drops auf beiden XG105)

Aufbau:

RED15: 

Standard/Getrennt

GW: 192.168.2.254

DHCP: 192.168.2.100-200

Getrennte Netzwerke:

192.168.1.0/24

192.168.3.0/24

192.168.4.0/24

XG105-1(Die mit der RED15 Verbindung)

LAN1: Zone LAN | 192.168.1.0/24 mit DHCP 100-200

LAN2: WAN DHCP

reds1: Zone LAN | RED15

reds2: Zone LAN | 192.168.4.1 (Serverrolle)

Routing:

IPv4-Unicast

192.168.3.0/24 | GW 192.168.4.2 | reds2

192.168.5.0/24 | GW 192.168.4.2 | reds2

XG105-2

LAN1: Zone LAN  | 192.168.3.0/24 mit DHCP 100-200

LAN 2: WAN DHCP 

reds1: Zone LAN | 192.168.4.2 (Clientrolle)

Routing:

192.168.1.0/24 | GW 192.168.4.1 | reds1

192.168.2.0/24 | GW 192.168.4.1 | reds1

192.168.5.0/24 | GW 10.200.0.2 | Port3

VG



This thread was automatically locked due to age.
Parents
  • 0

    Hello n33dfull,

    Thank you for contacting the Sophos Community!

    If you do a TCPdump on the XG105 Interface 192.168.3.X, do you see the Ping from a client on 192.168.2 arrive there?

    IF the traffic is going out the Fritz.box, confirm that the local network of your customer is not in the same subnets as the split network, otherwise, this will cause routing issues.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    Hi Emmanuel,

    i couldn't see any incoming packages on the XG105-1 Site, but i added the two firewall Rules below, i don't use NAT so i don't think that i have to add the transfer Network. 

    Also ask if theres a limit in Routing on the XG15, is it supported to route a network in Standard/split?

    Regards

Reply
  • 0 in reply to emmosophos

    Hi Emmanuel,

    i couldn't see any incoming packages on the XG105-1 Site, but i added the two firewall Rules below, i don't use NAT so i don't think that i have to add the transfer Network. 

    Also ask if theres a limit in Routing on the XG15, is it supported to route a network in Standard/split?

    Regards

Children
No Data
Unfiltered HTML