
Using with ONE LAN interface GATEWAY

Hello,

I am trying, at home, to migrate from UTM to SFOS. On the good old UTM there was only one LAN interface. This was the gateway for some PCs.

In the network configuration on the UTM, I configured the real router gateway as the gateway on this one UTM NIC. It worked.

Now in SFOS I can't configure a gateway on the LAN interface (also only one NIC).

What would be the 1:1 configuration for SFOS like the UTM was?

best regards

michael



Added TAGs
[edited by: Erick Jan at 12:46 PM (GMT -7) on 5 Sep 2024]
  • Hi,

    I'm a bit confused by the design.
    You place 2 doors within the same network and hope your users & devices use the correct one?
    Some other applications may "see" the other door and ignore the correct way.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Hi, it's only for home use and family. Theoretically every smartphone connected via USB to a PC is a door :-) They have no local admin/root rights on the devices, so the GW is 'secure'. The main use case is the proxy blacklists.

  • While your setup may fit your needs and they have no local admin on the devices, they might be able to start their devices with a Linux live environment and go directly to the FRITZ!Box as gateway.
    Why not simply add a 2nd NIC in the machine and do proper LAN to WAN routing with no easy options to bypass the firewall (other than physically plugging cables)?


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
