This discussion has been locked.

Sophos UTM Question

I have the home edition of the Sophos UTM appliance and it acts as a default gateway/firewall for my network. I have it residing in a virtual machine with three interfaces. (all security concerns of running it in my VM environment aside)

* eth0 - VLAN 15 - Raw Internet coming from my cable modem
* eth1 - VLAN 2 - Internal network for my PCs, file server, etc - 10.0.13.7
* eth2 - VLAN 3 - DMZ mainly for testing/Internet only access - 192.168.1.1

The virtual environment is connected through a Nortel 5520 switch, and all connectivity works properly... except that the UTM allows traffic to flow between the "DMZ" network and the "Internal network" even though there is a firewall rule to drop any traffic between these two networks. This happens virtual to virtual, physical to physical, and either way in between. The rule is at the top of the list and is enabled. I've tried digging through the interface to see where it might be allowing traffic, or if there were any hidden firewall rules, but no luck.

A traceroute shows that it is indeed crossing over the UTM to the DMZ network via 10.0.13.7.

Any ideas?



  • What kind of traffic is this? PING or maybe web browsing?
    Web browsing passes the proxy and it is then actually the proxy that is accessing the web server.

    PING is not handled by firewall rules but in the ICMP tab under the Firewall section.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
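The reply above separates three paths: proxied web traffic, ICMP, and everything else governed by firewall rules. The following is an added example, not part of the thread or of any Sophos tooling, that probes TCP ports from an internal machine and tells a possible proxy answer apart from traffic the drop rule should have stopped. The proxied port set, the DMZ host address and the port list are assumptions.

```python
import socket

# Assumption (not from the thread): destination ports the UTM web proxy intercepts.
PROXIED_PORTS = {80, 443}

def probe_tcp(host, port, timeout=2.0):
    """Classify one TCP connect attempt: 'open', 'closed' or 'filtered'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # handshake completed
    except ConnectionRefusedError:
        return "closed"      # a RST came back
    except OSError:
        return "filtered"    # timeout or unreachable: nothing answered
    finally:
        sock.close()

def interpret(port, state):
    """Map a probe result onto the paths named in the reply."""
    if state == "filtered":
        return "blocked: consistent with the drop rule"
    if port in PROXIED_PORTS:
        return "answered: may be the web proxy, not a firewall-rule leak"
    return "answered: packet crossed the UTM, firewall rule not applied"

def check_segmentation(host, ports, timeout=2.0):
    """Probe each port and return {port: (state, interpretation)}."""
    results = {}
    for port in ports:
        state = probe_tcp(host, port, timeout)
        results[port] = (state, interpret(port, state))
    return results

if __name__ == "__main__":
    # Hypothetical DMZ host and ports; run from a machine on the internal network.
    report = check_segmentation("192.168.1.50", [22, 80, 445])
    for port, (state, note) in report.items():
        print(f"{port:>5} {state:<9} {note}")
```

ICMP is not covered by this check, since the reply states that PING is controlled separately from the firewall rules.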

  •  
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA