Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Accessing subdomains.

Hello all.  I'm a newb home user coming from OpnSense.  I'm having an issue accessing my subdomains.  This is something simple that I'm just not understanding.  A couple pics will help explain what I'm trying to accomplish, and my setup.

Interfaces

DHCP (note that the bottom 2 are in reverse order aka it shows PortD then PortC, not that this matters).

Firewall Rules

PortB and PortC can access the internet (I didn't try PortD).  PortB can't access PortD.  In the CLI I can ping both just fine.  How can I enable PortB to access PortD?

Also on PortB I used the predefined zone called WiFi (as this is an access point).  Is this ok, or should I create my own name?

Thank you.



This thread was automatically locked due to age.
Parents
  • Check your firewall logging to see if the traffic is actually blocked. You might need to (temporarily) add a block everything rule with logging enabled at the very end of the firewall to be sure you (temporarily) log all blocked traffic.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Reply
  • Check your firewall logging to see if the traffic is actually blocked. You might need to (temporarily) add a block everything rule with logging enabled at the very end of the firewall to be sure you (temporarily) log all blocked traffic.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children
  • Here was some issues.

    1) I was trying to ping a proxmox port from a separate subnet.  Apparently this isn't allowed.  Still odd how the CLI could ping it.  That threw me off.

    2) Nothing was plugged into that port (head palm).

    3) The test rules works great, I didn't realize that it was literally a simulation, and didn't actually try to do it.

    You guys are great.  Thank you for helping. 

    On a side note, I've been hammering the GUI, and found a lot of things that I really like.