No Internet

Hey Don,

if Masquerading, DNS and so on is working correctly it could be a Firewall Rule issue. Since everything in your Pictures are Default Drops post a picture of your Firewall Rules please.

Regards

Jason

Hey Jason.  Thanks for the quick response.  Firewall rules are the canned ones generated by the wizard.

Hi Don,

Why has your Internal Network the same Network Range as your WAN?

both are in 192.168.1.0 /24 Network range.

Regards

Jason

My WAN really isn't my WAN.  I have the UTM set up behind my gateway.  I turned DHCP off on the the UTM and I am using DHCP from my gateway router.  I thought that might be an issue, so I connected the UTM right behind my modem and got exactly the same results.  I thought that maybe there was a problem with one of the NIC's maybe only getting traffic one way, so I reinstalled and swapped the position of the cards in the interface (not physically) so that the traffic would run the other way.  Same symptoms.

Hi Don,

i also have alot of configs where the UTM is behind a gateway with DHCP but the WAN always uses are different IP Range, like this:

then u need a Masquerading Rule as well

I have the Net MASQ rule I think:

If I set a different subnet like that, will machines on both still be able to talk?  I guess it does not matter really, so long as I can get it to work.  In the end, I want this to be right behind my modem with all of my traffic running through it, but I have to get it going first before i take my entire network down.  But I am not certain that this will make a difference.  I had it set up right behind the modem already and the UTM box received my public IP address from my ISP, but I still was not able to get to the internet.  I will try again.

Hey Don,

well the only thing i see (its already late night here bit tired ;) ) is the same subnet for internal and external i never did that so i dont know the symptoms.

Because if Masquerading is translating IP Addresses into Public if both ranges are the same i dont know how this is supposed to work. I could be wrong tho

Regards

Jason

So, I changed the UTM Network IP range to be 192.168.2.0 and the webadmin access to 192.168.2.100 and I have the same issue.

A little more information.  I thought maybe reaching the internet from the same machine that I am accessing webadmin was not possible, so I turned on DHCP, connected a switch between the UTM and the webadmin machine.  Then I connected another machine and got an IP Address (192.168.2.101) but still no internet.  When I try to open a web page, I get a page generated by the UTM saying that the network is not available.

More fiddling.....I got a completely different box set up and ran through the installs - both the wizard and the install detailed here http://techbast.com/2015/03/perform-a-basic-configuration-sophos-utm-in-12-simple-steps.html and have the exact same results.  The firewall live log is solid red.  Both internal and external interfaces are showing traffic, but no internet.  Using Support > Tools > Ping Check I can ping 8.8.8.8 and google.com.  I can also ping the web admin address internally as well as machines that are on the internal network, but different subnet (Sophos box is 192.168.2.100 and everything else is 192.168.1.x), but all other external pings are 100% loss.

This has to be something silly that is being overlooked.  Why is the firewall dropping all traffic when it is set to Sources > Internal (Network), Services > Any, Destinations > Any?

Thanks in advance to anyone with any insight.

Don F.