This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.506 on VMWare Workstation 12 - No IP from ISP

Windows Server 2012 server, runs everything in my home office. I'd like to run the FW there also.  I installed VMWare Workstation 12 and setup a test Sophos VM, I used an IP on my office network for both the LAN & WAN... traffic passed fine. I was able to eval and decided this will work for me. So I decide to put it out at the edge of network. SO I pulg the ISP modem ethernet to one interface and internal LAN to another interface. Both are Intel NIC's - I can get to the web admin but cant get the WAN to come up.

 

ISP ==> Modem ==> Eth1  (on Server) -- VMNET3 in Workstation

Internal Sw ==> Eth0  (on Server)        -- VMNET2 in Workstation   < UTM web interface and home network

 

VMNET2 bridged to 1st NIC on Sophos - works fine access to the web admon is completely fine

VMNET3 bridges to 2nd NIC on Sophos VM - the NIC on the host machine GETS THE IP, the VM wont get an IP...

 

I guess I am missing the tree through the forest here, the NIC on the host server is getting the ISP IP (the int is set for DHCP) - how do I fix so the Sophos VM gets the IP?

 

 

John



This thread was automatically locked due to age.
Parents
  • I had this doing the same thing in reverse - testing on a vm before implementing an appliance. I think I needed a NAT masquerading rule to allow the DHCP traffic (well, all traffic) to come from the ISP. Network Protection --> NAT is the place to start. 'Network' needs to be VMNET2 (the internal network), 'Interface' should be VMNET3 (the internet).

    Regards

    Dave

Reply
  • I had this doing the same thing in reverse - testing on a vm before implementing an appliance. I think I needed a NAT masquerading rule to allow the DHCP traffic (well, all traffic) to come from the ISP. Network Protection --> NAT is the place to start. 'Network' needs to be VMNET2 (the internal network), 'Interface' should be VMNET3 (the internet).

    Regards

    Dave

Children
  • Actually nothing to do with my previous reply at all, although you will need that. 

    This is a VMware issue, not one with UTM. Is VMNET3 bridged to the physical interface where the ISP Connection is presented? you'll need that, and you'll need to stop the physical interface from requesting an IP address. if your physical interface is called LAN2 the following powershell command might work (can't test currently):  

          Set-NetIPInterface LAN2 -DHCP disabled 

    unbinding IP from the physical interface might work too, as the ethernet frames should still get forwarded.

    Regards

    Dave

  • Thanks for the Reply Dave - I never could get it to work properly. I installed on a small PC today and all went smooth, ISP IP on one NIC internal LAN on the other. Not sure what the deal was I'm sure it had to be in the VMWare network stack somewhere. I tried the PS command, tried to unbind IP and reinstalled once with both connections plugged in and never would get an IP ...

     

    Thanks

     

    john

  • John, here's a picture of what works for me in VMware Player.  LAN is on eth0 and WAN is on eth1 bridged to the WiFi adapter in my laptop.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA