I have a Sophos SG135w which used to be for the work office, but we have moved and no longer require it. It was previously setup by the work MSP who we purchased the device from. It has been sitting idle for about 18 months now and I am going to set it up at home. I've got it working on a home license.
I have it connected to my modem/router which works on 192.168.20.40 on 1 interface. I have another interface configured for DHCP as I want the Sophos to control that (192.168.0.0/24).
Now the Sophos isn't running all DHCP yet, I have it connected on its on. When I am my desktop on 192.168.20.0/24 I can connect to 192.168.20.40. When I am connected to the Sophos on 192.168.0.0/24 I can connect to the Sophos of 192.168.0.1.
But, I have no internet connectivity. I suspect I need to do a route somehow? Or a DNS configure? Just not sure where I need to do any of this stuff and googling hasn't given me the answer.
Any tips or pointers would be great.
Hi Cohen Lewis,
Thank you for reaching out to the Community!
Could you please share the screenshot of the network interfaces configured on your UTM?
Did you configure the DHCP server on the internal interface? You can add DNS servers under Network services > DNS > Forwarders. You also need to add the internal network under DNS > Global > Allowed Network.
Did you configure the firewall rule for internet access and SNAT? Could you please share the screenshots with us?
Community Support Engineer | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts If a post solves your question use the 'Verify Answer' button.
See screenshots below:
Let me know if you need anything else! Appreciate the prompt reply.
You need several things to get this flying.
You say „modem“ but having a transfer network 192.168.20.0/24 indicates you are having a router.
That router has to know about the net behind the Sophos, either by setting up a route or by setting up what is called an „exposed host“.
Then, you need to „Masquerade“ that internal net behind the Sophos to your uplink connecting to the router.
Third you have to allow DNS usage to the clients of your internal net.
Mit freundlichem Gruß, Regards from Germany,
New Vision GmbH, GermanySophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
Hopefully this makes sense?
jprusch said:You say „modem“ but having a transfer network 192.168.20.0/24 indicates you are having a router.
Correct, I said "modem/router". I want the Sophos to do all the network routing though, so the modem/router will only have 1 device connected being the Sophos which will be 192.168.20.40
jprusch said:That router has to know about the net behind the Sophos, either by setting up a route or by setting up what is called an „exposed host“.
It is Internet > Modem/Router provided by ISP > Sophos > All other devices (Wireless/LAN)
How is this now?
Recommend reading this Sophos UTM: Options for deploying the UTM into your Network - Recommended Reads - UTM Firewall - Sophos Community