This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM not seeing any traffic from new interface

I've added an addition interface to our UTM to setup a DMZ. I am unable to get the UTM to acknowledge any traffic on this new interface.

Clients in the DMZ network can communicate with each other, but cannot ping the UTM's interface IP, cannot get access to the Internet, and do not show up at all in the packetfilter.log

The existing Internal network interface has worked for many years without issue.

UTM interfaces

  1. Internal - 192.168.0.1/24
  2. Internet - ISP assigned public IP
  3. DMZ - 10.225.0.1/29

UTM Configuration

  • Interfaces & Routing
    • Static Routing
      • Interface route > DMZ Network (10.225.0.0/29)
  • Network Protection
    • Firewall
      • DMZ (Network) > Any > Internet IPv4
    • NAT
      • Masquerading
        • DMZ (Network) > Internet Interface

I thought with the DMZ interface and Static Interface Route I would immediately see something, but no matter what changes I've made the UTM just seems to act as if the DMZ interface doesn't even exist.

Anyone have any insight? Am I missing something obvious required to allow traffic from a new interface to interact with the UTM?



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    UTM interfaces

    1. Internal - 192.168.0.1/24
    2. Internet - ISP assigned public IP
    3. DMZ - 10.225.0.1/29

    Is DMZ network configured on eth2 interface and connected with a separate switch?

    If it's on physical interface eth2 then there’s no need of adding a static route.

    Firewall and masquerading rule configuration seem ok. Please add DMZ network under Network Services > DNS > Allowed Networks.

    Also please share a rough diagram of your network setup and post a snapshot of interface configuration as well.

Reply Children
  • Just clarifying here:  Is this a new network card that you added, or just enabled what you already had?

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Amodin has the good question.  I suspect that the driver in use for the eth4 NIC is not the one you want.  The Installation process for the UTM only loads drivers for the devices it sees.  If you add a device that is not identical to an existing one, you must re-install the software.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • It is a new NIC added. Our Sophos UTM runs in Hyper-V, so this was a new virtual NIC. eth4 is definitely the correct device.

  • Bob,

    Do you have experience with Sophos UTM on HyperV adding new NICs? Would it require reinstalling the OS?

  • Please show us your setup of that NIC in Hyper-V. (screenshot)

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • What settings in particular? In HyperV all the Network Adapter screen shows is which virtual switch the NIC is assigned to, which is a Private switch named "DMZ". Both of the clients in the diagram are also on this virtual switch. No VLANs are enabled.

    Was there a different setup screen you wanted? 

  • Ok - my glassbowl isn't working at the moment ...

    Just give us the config screens of your Hyper-V network definitions for the system, there is something wrong there obviously.

    If I already knew what to look for, I wouldn't ask for that :-)

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.