Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Answers 3 answers
  • Subscribers 41 subscribers
  • Views 3812 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XGS 3100 LAN to LAN using NAT

sbay

Today we want to replace our old UTM with an XGS 3100 cluster. In advance, we had created rules manually. But we were only able to test it today.

We have a LAN port 1 (192.168.2.0/24) and a 2nd LAN on port 7 (192.168.201.0/24)
When I access 192.168.2.x from the network 192.168.2.x via SSH to a server in the network 192.168.201.x, I always get the IP of the gateway (192.168.201.1).
I don't have a NAT configured for it though.
The UTM also showed me the correct source IP.
Where and how can I get the XGS not to perform NAT between LAN interfaces?

The Sophos is configured as a gateway instance.
SFOS 20.0.0 GA-Build222 is installed as firmware.

We also noticed that none of our SNAT rules work over the IPSec tunnels. Even if we link a rule to a NAT rule.

Are we doing something wrong or is there something else that needs to be created?

Greeting
Sascha



This thread was automatically locked due to age.
Parents Reply Children
Unfiltered HTML