This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange VLAN Routing Issue

Hi All -

I have an issue that I'm hoping will be simple.

I have 2 VLANs and I'm able to ping and view devices on the 2nd VLAN without specifically allowing the traffic with a firewall rule. How is this possible? If I run a trace route from the first VLAN to the 2nd I can see that the traffic is hitting the UTM interface first and I only have layer 2 switches is use. What am I missing?

I even setup a deny rule and moved it to the top of the list and traffic is still allowed.

This thread was automatically locked due to age.

0 ThomW over 2 years ago

Hi.

Without knowing your infrastructure in detail.

Please have a look on at your configuration at "Network Protection -> Firewall -> ICMP". This could be activated there.

Sophos Gold Partner

4TISO GmbH, Germany

If a post solves your question click the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 dirkkotte over 2 years ago in reply to ThomW

Possible you globally allow ICMP?
Please check Network-protection / Firewall / icmp.
Post the setting if you are unsure...

Dirk

Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum Partner
Sophos Solution Partner since 2003
If a post solves your question, click the 'Verify Answer' link at this post.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 2 years ago

Hey Scott - long time no see - welcome back!

Thom and Dirk probably nailed it for you. You might want to consult #2 in Rulz (last updated 2021-02-16) when you have similar issues in the future.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel