
Need help setting up (routing for) a DMZ with UTM9

Hi all,

I am currently in the process of creating a DMZ on an ESX host to host a game server with UTM 9.

Here are a few key points:

> The External NIC should route all traffic coming from the internet into the DMZ.

> The modem I use is ISP managed and allows for me to set an IP address as DMZ address, which I decided to be 192.168.0.2 (all traffic reaching the public IP will be forwarded to it, with exception of a few ports).

> I added 3 NICs. One for managing the firewall from LAN, one External and one for the DMZ (see network diagram below).

> I am able to ping a resource in the internet (8.8.8.8) from the firewall.

> I tried multiple attempts to get the routing working using Static Routing. Unfortunately none of them worked and I started to question my sanity.

> Network diagram:

 

Could someone please help me get the routing to work?

 

Thank you so much!



This thread was automatically locked due to age.
  • Hallo and welcome to the UTM Community!

    After you've corrected the problems listed in #3.1 in Rulz (last updated 2019-04-17), what do you learn from doing #1?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi fafri,

    Please check if you have in Network Protection \ NAT \ Masquerading a rule saying DMZ -> Uplink Interfaces.

    Please check if you have a firewall rule specified for the DMZ LAN.

    I don't think you need to create a static route because the WAN route is already directly connected, so the UTM is already forwarding 0.0.0.0 out of this interface (if no Uplink Balancing is enabled).

    Regards

    Jason

    Sophos Certified Architect - UTM