I have ESXi 6 with 2 physical NICs (eth 0 and 1) and I have 3 vnics (external, bypass, internal). I have a firewall with eth0 binded to external for Internet access. Then the firewall has a vnic for internal traffic (bypass). I then have sophos utm bridge mode connected to 2 vnics (bypass) inbound and (internal) binded eth1 for lan traffic.
modem ---(eth 0 / vnic external) on switch 0 ---- firewall ----- (vnic bypass) on switch 1-------- (vnic bypass) on switch 1 ---utm bridge---- (vnic internal) on switch 2
I am not able to pass traffic through the bridge. When I have it set this way, I can access the management page in the sophos bridge. When I switched the vnics in the esxi settings, I can access the page in the middle switch, but not from the lan side. I have tried to ping, tracert, firewall webpage, and dns resolve; nothing has worked to traverse the utm bridge.
Settings:
bridge status is up / up
the bridge has 192.168.0.2/24 (no gw ip)
firewall is set for anyip/any service/any ip
dhcp relay to 192.168.0.1 (no dhcp on utm)
ESXi has promiscuous mode (accept)
I have tried with and without a NAT masq
the log files for the firewall and http traffic do not indicate the desktop im using is sending traffic to the UTM.
BTW, I have reviewed the following links to no avail (and several others).
https://community.sophos.com/products/unified-threat-management/f/52/t/30313
https://community.sophos.com/products/unified-threat-management/f/53/t/34981
This thread was automatically locked due to age.
Quote