This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiply IP on WAN

Hello!

I'm run Sophos UTM9 on esxi, VM configured with 2 NIC. WAN and LAN. 

From ISP side we have two public IP /28 networks/ For example 1.1.1.48/28 and 2.2.2.16/28

WAN config:

IP 1.1.1.50

Mask 255.255.255.240

FW 1.1.1.49

From LAN side Sophos connected to core switch. Switch perform inter vlan routing. Both connected to dedicated vlan 254

Sophos LAN IP - 192.168.254.1

Swich IP - 192.168.254.2

Users placed in different vlan's:

vlan 100 - 192.168.1.0/24

vlan 100 - 192.168.2.0/24

vlan 100 - 192.168.2.0/24

 

After basic setup I added to Sophos

1. Static Route -> Network 192.168.0.0/16 -> Route to 192.168.254.2

2. Firewall Rule - Network 192.168.0.0/16  -> Any -> Any permit

3. Nat Rule's vlan100 -> External (WAN), vlan200 -> External (WAN), vlan300 -> External (WAN)

 

All work fine.

Now I need to route each vlan network to internet via dedicated public IP. For example:

192.168.1.0/24 via 1.1.1.51

192.168.2.0/24 via 1.1.1.52

192.168.3.0/24 via 2.2.2.19

I add additional ip to WAN interface and edit nat masquerading rule for vlan102:

192.168.2.0/24 -> Interface WAN -> use address 1.1.1.52

 

But traffic from this network detected with public IP 1.1.1.50 (WAN primary IP)

 

what am I doing wrong ?



This thread was automatically locked due to age.
  • Sveiki Stas and welcome to the UTM Community!

    Please show us a picture of your Masquerading rules.  Also, tell us if the outbound traffic with 1.1.1.50 was initiated by a device in 192.168.2.0/24 or was this a response from 192.168.2.0/24 to traffic from the internet.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA