This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to configure sophos UTM with my existing router?

Hello my name is Mike and iam a newbie at this... right now im trying to set up sophos atm on small office, the business has a aris modem/router build in from Spectrum, i have a dell small factor computer with a EXPI9402PT PRO/1000 PT Dual Port Server NIC... the installation of sophos went ok, however the issue is i cant connect to the sophos admin... my ip are

sophos utm: 192.168.1.1:4444

router ip : 192.168.1.2 (dhcp is disable since i want the UTM to handle this)

ip range starts :192.168.1.3

ran a cable from the modem/router (lan ports) to the UTM and from the UTM to the switch (modem/router---->UTM---->SWITCH----->PCS), however i cant access it from the network when entering the managing ip (https://192.168.1.1:4444) nor when connecting directly to the utm through the admin nic and setting ip manually on my computer.

Could you please explain me what i doing wrong? 

Also  another question is :  Can i use the modem/router as a AP ? or i have to add another router?

Thank you 



This thread was automatically locked due to age.
  • I supposed you are using a laptop/desktop PC to connect to your utm.

    Your PC should be on the same network as your utm. From you computer, ping 192.168.1.1. If no response, then you have a network/routing/configuration problem.

    If the ping is successful, using putty or something similar, do "telnet 192.168.1.1 4444". If fail, or stuck on "Trying 192.168.1.1", then your port 4444 is not open.

    I imagine your setup may look like my beautiful drawing below : )

    If you don't get a ping reply or port 4444 is closed, re-install if necessary, get these two resolved and then you'll be able to access webadmin page and continue your setup and configuration.

     

    Good luck!

    jav

  • You are describing a situation where you're creating a bridged UTM connection since both Arris modem and your local LAN (and the UTM in between) all are in 192.168.1.0/24 network. Maybe this is your intention, but you might want to setup the UTM as a real router/gateway.

    Your UTM has 2 nic's, so 1 is WAN (connecting to arris modem) and can have 192.168.1.1 whereas arris modem has 192.168.1.2.

    The other NIC should use another subnet when routing, so ie. 172.16.1.1 with subnet of 255.255.255.0. Your internal clients will then also be in 172.16.1.0/24.

    For the problem that you cannot connect to webadmin; have you tried to connect to the "other" NIC to see if that NIC might be configured with this IP?


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • My modem has the router build in! so its modem-router box, so i run a ethernet cable from the modem-router to my UTM and then i have a cable running from my UTM to the Switch... 

    now in the configuration i told UTM to handle the DHCP, so i disabled it on the modem-router, however its doenst work, i have no internet connection,  i did configured the IP as follow"

     

    modem-router ---> 192.168.1.2

    UTM               ---> 192.168.1.1

    DHCP Starting ip ---> 192.1168.1.3 

     

    what im doing wrong here? thanks in advanced

  • Is that a trick question(1168)? : )

    Hard to say. What troubleshooting steps have you done so far?

    Pinging between your pc and utm and router and transposing cables and posting some results might be a start.

     

    Good luck.

    jav

  • all devices are in the same 192.168.1.0 subnet. If UTM is in-between, that can only work when it  is in full transparent mode. If you don't have it in full-transparent mode, you should have another subnet behind the UTM.

    Even tough you have a modem-router, your provider may still be able to bridge it for you (effectively disabling the router function on the modem). You will then get the public WAN address on the WAN interface of UTM.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Hi, Mike, and welcome to the UTM Community!

    If you read here, you will see that the standard approach is to bridge the modem/router and use a different wireless AP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA