Dears, I have a sophos SG 330 firewall I'm trying to reach a new test cloud subnet from my internal network, a static route has been configured also on the core switch before starting to work on the SG box I have performed the below configuration on SG BOX: create new network object and assign the corresponding network ID from Interface and routing I have navigated to static routing than cloned the existing route that is existing for the production environment on cloud and replace the object with new created one then I saved the configurations. from my Network Protection tab I selected firewall option and allowed all traffic from the new subnet to the inside network and vise versa than I saved the configurations as per my knowledge that should be enough to reach the destination network, however, the Servers on the destination networks are not reachable from any vlan inside my network, in addition to that I tried to traceroute the servers IP from a local workstation and the last point before network unreachability is the SG Box. is this issue familiar? can any one help me to solve it? Best Regards in Advance

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Routes

Mohamad Halawani over 2 years ago

Dears,

I have a sophos SG 330 firewall

I'm trying to reach a new test cloud subnet from my internal network,

a static route has been configured also on the core switch before starting to work on the SG box

I have performed the below configuration on SG BOX:

create new network object and assign the corresponding network ID
from Interface and routing I have navigated to static routing than cloned the existing route that is existing for the production environment on cloud and replace the object with new created one then I saved the configurations.
from my Network Protection tab I selected firewall option and allowed all traffic from the new subnet to the inside network and vise versa than I saved the configurations

as per my knowledge that should be enough to reach the destination network, however, the Servers on the destination networks are not reachable from any vlan inside my network, in addition to that I tried to traceroute the servers IP from a local workstation and the last point before network unreachability is the SG Box.

is this issue familiar?

can any one help me to solve it?

Best Regards in Advance

This thread was automatically locked due to age.

Parents

0 PhilippRusch over 2 years ago

Hello Mohamad,

if you are using private IP inside your local networks, you will at least need a MASQ entry.

Mit freundlichem Gruß, best regards from Germany,

Philipp Rusch

New Vision GmbH, Germany
Sophos Silver-Partner

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 PhilippRusch over 2 years ago

Hello Mohamad,

if you are using private IP inside your local networks, you will at least need a MASQ entry.

Mit freundlichem Gruß, best regards from Germany,

Philipp Rusch

New Vision GmbH, Germany
Sophos Silver-Partner

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Mohamad Halawani over 2 years ago in reply to PhilippRusch

I'm routing from inside to outside, however the outside is the cloud.
Cancel
Vote Up 0 Vote Down

Cancel