I have a problem: when I add filtering rules in the Sophos VM to block ICMP when pinging the Ubuntu VM IP, ICMP still replies. I feel the Sophos firewall VM doesn't connect with Ubuntu. Can anybody help me?
Thank you
Hello,
Are both servers virtual machines on the same ESXi host?
Please supply us with the IP addresses, the NICs and the gateways.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
Yes sir, the Ubuntu server and the Sophos firewall are VMs on the same ESXi.
IP addresses:
- Ubuntu server IP: 192.168.1.4/24
- Sophos IPs (2 interfaces):
  - port2 (gateway IP for the Ubuntu server): 192.168.1.3/24
  - port1 (interface connected to the client): 192.168.1.2/24
- Client IP: 192.168.1.1/24
- ESXi VM IP: 192.168.1.5/24
I would suspect that the firewall is not seeing any of the traffic because the VM switch is routing all the traffic on the same network.
Ian
XG115W - v20.0.2 MR-2 - Home
XG on VM 8 - v21 GA
Even if you defined two interfaces for the sophos vm, you have put them into the same IP network. This will not work as desired.
Firewalling is only working when the firewall is BETWEEN the source and the target.
So you could use 192.168.10.1 on port1 and the 192.168.10.0/24 network for your clients.
Then the Sophos VM will route the traffic between its two legs: port1 in 192.168.10.0/24 and port2 in 192.168.1.0/24.
Then your firewall rules will start to work - magic!
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
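The point made in the two replies above, as an added example that is not part of the original thread: a host only hands a packet to its gateway when the destination is outside its own subnet, so with every address in 192.168.1.0/24 the ping never reaches the firewall. The client gateway in the first plan and the client address 192.168.10.50 in the second are assumptions made for illustration.

```python
import ipaddress

def next_hop(src_if, gateway, dst_ip):
    """'direct' if dst is on-link for the sender, else the gateway it hands the packet to."""
    iface = ipaddress.ip_interface(src_if)
    if ipaddress.ip_address(dst_ip) in iface.network:
        return "direct"  # resolved by ARP on the vSwitch, no router involved
    gw = ipaddress.ip_address(gateway)
    if gw not in iface.network:
        raise ValueError(f"gateway {gw} is not on-link for {iface}")
    return str(gw)

def firewall_in_path(src_if, src_gw, dst_if, dst_gw, fw_ifs):
    """True only if request and reply are both handed to a firewall interface."""
    fw_ips = {str(ipaddress.ip_interface(i).ip) for i in fw_ifs}
    src_ip = str(ipaddress.ip_interface(src_if).ip)
    dst_ip = str(ipaddress.ip_interface(dst_if).ip)
    return (next_hop(src_if, src_gw, dst_ip) in fw_ips
            and next_hop(dst_if, dst_gw, src_ip) in fw_ips)

def overlapping_legs(fw_ifs):
    """Pairs of firewall interfaces that sit in overlapping networks."""
    legs = [ipaddress.ip_interface(i) for i in fw_ifs]
    return [(str(a), str(b)) for n, a in enumerate(legs) for b in legs[n + 1:]
            if a.network.overlaps(b.network)]

# Addressing first posted in the thread (the client gateway is an assumption).
ORIGINAL = dict(src_if="192.168.1.1/24", src_gw="192.168.1.2",
                dst_if="192.168.1.4/24", dst_gw="192.168.1.3",
                fw_ifs=["192.168.1.2/24", "192.168.1.3/24"])
# Suggested split; the client address 192.168.10.50 is constructed.
SPLIT = dict(src_if="192.168.10.50/24", src_gw="192.168.10.1",
             dst_if="192.168.1.4/24", dst_gw="192.168.1.3",
             fw_ifs=["192.168.10.1/24", "192.168.1.3/24"])

if __name__ == "__main__":
    for name, plan in (("original", ORIGINAL), ("split", SPLIT)):
        print(name, "firewall in path:", firewall_in_path(**plan),
              "overlapping legs:", overlapping_legs(plan["fw_ifs"]))
```
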
OK sir, I try it.
After trying the two-network scheme, the IPs are:
- Ubuntu server IP: 192.168.10.2/24
- Sophos IPs (2 interfaces):
  - port2 (gateway IP for the Ubuntu server): 192.168.10.1/24
  - port1 (interface connected to the client): 192.168.1.2/24
- Client IP: 192.168.1.1/24
- ESXi VM IP: 192.168.1.5/24
Summary:
1. The client can ping the firewall VM interfaces (port 1, port 2) and the ESXi VM IP, but cannot ping the Ubuntu IP (RTO).
2. Ubuntu can ping the firewall VM interfaces (port 1, port 2), but cannot ping the ESXi VM IP and cannot ping the client IP.
I have done the following:
1. Added static routing in Sophos
2. Added a gateway on the client and Ubuntu interfaces
3. Deleted firewall rules and ACL rules in the Sophos firewall VM
Can you help me with this case, sir?
I am confused: at first you wanted to BLOCK ICMP packets from the client reaching the Ubuntu server; now that we have achieved this, you want them to get through?
You will need to define a firewall rule to access your FTP server on the Ubuntu system from your client. That's all.
And static routing on the Sophos system is not needed, as the Sophos VM has a leg in both networks. So the IP routing already "knows" about these two networks. The rest was already correct: the client has to have 192.168.1.2 as gateway and the Ubuntu server has to use 192.168.10.1 as gateway.
You are almost done.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
Oh I see, OK sir.
Now I haven't applied any filter rules yet, but why can't the client ping the Ubuntu IP? (request timed out)