I have a problem when adding filtering rules in the Sophos VM to block ICMP when pinging the Ubuntu VM IP. ICMP still replies. I feel the Sophos firewall VM doesn't connect with Ubuntu. Can anybody help me?
Thank you
This thread was automatically locked due to age.
Yes, but why can the laptop client ping my Ubuntu VM IP? (I have already created firewall rules in Rules & Policies / ACL in System - Administration.)
And when I create an ACL to block the Sophos VM IP in System - Administration, the client successfully cannot ping the firewall IP.
Hello,
both servers are virtual machines on the same ESXi-host?
Please supply us with the IP addresses, the NICs and the gateways.
With kind regards, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
Yes sir, the Ubuntu server and the Sophos firewall are VMs on the same ESXi.
The IPs:
- Ubuntu server IP: 192.168.1.4/24
- Sophos IPs (2 interfaces):
  - port2 (gateway for the Ubuntu server): 192.168.1.3/24
  - port1 (interface connected to the client): 192.168.1.2/24
- Client IP: 192.168.1.1/24
- ESXi VM IP: 192.168.1.5/24
I would suspect that the firewall is not seeing any of the traffic because the VM switch is routing all the traffic on the same network.
Ian
XG115W - v20.0.2 MR-2 - Home
XG on VM 8 - v21 GA
Even if you defined two interfaces for the Sophos VM, you have put them into the same IP network. This will not work as desired.
Firewalling is only working when the firewall is BETWEEN the source and the target.
So you could use 192.168.10.1 on port1 and the 192.168.10.0/24 network for your clients.
Then the Sophos VM will route the traffic between its two legs, port1 in 192.168.10.0/24 and port2 in 192.168.1.0/24.
Then your firewall rules will start to work - magic!
With kind regards, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
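Added example, not part of any post in this thread: a small Python check of whether the firewall actually sits between a source and a target, run on the addressing posted above and on the addressing proposed in the last reply. The function name, the client address 192.168.10.2 and the use of 192.168.10.1 as the client's gateway are assumptions made for the illustration.

```python
import ipaddress

def bypass_reasons(src, dst, src_gateway, fw_interfaces):
    """List the reasons src -> dst traffic never crosses the firewall.

    src, dst and the fw_interfaces values are 'address/prefix' strings,
    src_gateway is an address string or None. Empty list = firewall on path.
    """
    s, d = ipaddress.ip_interface(src), ipaddress.ip_interface(dst)
    fw = {n: ipaddress.ip_interface(a) for n, a in fw_interfaces.items()}
    reasons = []

    # Two firewall legs in the same IP network leave nothing to route between.
    names = sorted(fw)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if fw[a].network.overlaps(fw[b].network):
                reasons.append(f"{a} and {b} are both in {fw[a].network}")

    if d.ip in s.network:
        # On-link destination: the sender ARPs for it and the (virtual)
        # switch delivers the frame directly, so no rule is ever evaluated.
        reasons.append(f"{d.ip} is on-link for {s.ip}")
    elif src_gateway is None or ipaddress.ip_address(src_gateway) not in {
            i.ip for i in fw.values()}:
        # Off-link traffic only reaches the firewall if it is the next hop.
        reasons.append(f"gateway {src_gateway} is not a firewall interface")
    return reasons

# Addressing as posted in the thread.
POSTED = {"port1": "192.168.1.2/24", "port2": "192.168.1.3/24"}
# Addressing as proposed in the reply; the client address .10.2 is assumed.
PROPOSED = {"port1": "192.168.10.1/24", "port2": "192.168.1.3/24"}

if __name__ == "__main__":
    print(bypass_reasons("192.168.1.1/24", "192.168.1.4/24", None, POSTED))
    print(bypass_reasons("192.168.10.2/24", "192.168.1.4/24",
                         "192.168.10.1", PROPOSED))
```

An empty list means the ping has to be routed by the Sophos VM, so its ICMP rule is evaluated; any entry explains why the rule is never hit.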