
Problem with Sophos and Mikrotik behind a PTP

Newbie question here.

Currently I have my main network with IP 192.168.55.x.

My Ubiquiti PTP has 192.168.1.1 on Master and 192.168.1.2 on Slave.

    

And a remote network with IP 192.168.60.x that is receiving internet through the Sophos and through the PTP link.

The issue here is not the internet. The issue is that when I search for that network on the Sophos, I see I am only receiving traffic with IP 192.168.1.1 and not the traffic from 192.168.60.x.

I want to block some stuff and use Intrusion Prevention and more tools from the Sophos, but because on that Mikrotik we want to put more VLANs and block some services and websites, I can't do it if I see only that network (192.168.1.1).

Hopefully I explained myself and you can help me with the problem.



  • Hi,

    Based on this understanding, it seems like the issue is that the Sophos is not seeing the traffic from the 192.168.60.x network. This could be due to a few reasons:

    1. Routing configuration: Ensure that the routing is set up correctly, so that the Sophos can see the 192.168.60.x network traffic. This may involve configuring static routes or dynamic routing protocols.
    2. Network segmentation: If the 192.168.60.x network is separated from the 192.168.1.x network in some way (e.g., through a firewall or router), the Sophos may not be able to see the 192.168.60.x traffic.
    3. VLAN configuration: If the 192.168.60.x network is on a different VLAN than the 192.168.1.x network, the Sophos may not be able to see the 192.168.60.x traffic unless it's configured to handle that VLAN.

    To troubleshoot this, I would suggest the following steps:

    1. Check the routing configuration on the Sophos, the Ubiquiti devices, and any other network devices involved, to ensure that the 192.168.60.x network is reachable from the Sophos.
    2. Verify the VLAN configuration, and ensure that the Sophos is configured to handle the VLAN(s) that the 192.168.60.x network is on.
    3. If the above steps don't resolve the issue, you may need to look into network segmentation and how the 192.168.60.x network is connected to the rest of the network.

    Thanks & Regards,
    Vivek Jagad | Team Lead, Technical Support, Global Customer Experience


    • Sorry if I did not explain well, this is my network.

      PTP master (192.168.1.1) is connected on Port 8 of the Sophos and Slave (192.168.1.2) is connected on port 1 of the Mikrotik.

      Network 192.168.60.x goes out to the internet without problem through the Sophos. The problem is that when we try to block websites or try to apply network rules to block traffic, on the Sophos we only see traffic coming with IP 192.168.1.1 (PTP IP address), instead of the original 60, 61, 62 traffic.

      On the Mikrotik I use NAT masquerade but don't know if I have to use srcaddress or something like that, or in the PTP.

      Hopefully this helps to explain a little better the problem.

      Thanks for replying.