
UTM - communication between two internal interfaces - subnets with vlans

Dear Sophos specialists,

I have known your support forum for several years and I have always found solutions to my problems here. But this time, after a few days of trying, reading topics and thinking, I cannot solve the current problem on my own.

Problem:

I have one WAN1 port - eth1 - from which the internet is coming, and one eth2 port where I have two interfaces created as VLAN networks:

- Office_LAB_vlan55
- Prod_LAB_vlan65

Both of those networks have a DHCP server created inside Sophos. Internet works on both networks. My problem is that I cannot communicate between those two networks. I need to control traffic between them with the firewall.

I have already tried probably all the advice I found on this forum:

- read Rulz
- created rules in firewall - allow communication between those networks
- tried static routing
- set default gateway of Office network for DHCP of production
- tried Multipath rules and so on...

(I have a test lab on UTM120; my main network is managed on SG210.)

You can see a more detailed description of my problem in those pictures. Please help if you can...

  



This thread was automatically locked due to age.
  • Hi Guys,

    After another 2 days of trying, it looks like it is working now. My problem was not in the Sophos settings but in the Windows Defender firewall - the PCs which I used for tests were Windows 10 based. Communication worked when all PCs were on the same subnet. But when I went to another, Windows firewall blocked all traffic.

    Temporarily I turned off Windows firewall and it started working.

    To make it work permanently, I created an Inbound rule in Windows firewall which will allow communication between remote subnets (even when this one is actually my internal subnet).

    I have to find out how to distribute this rule at once to more PCs, maybe GPO? I am not sure if I have to create those subnets also in domain AD... hmmmm...

  • Ahoj Matej and welcome to the UTM Community!

    Thanks for posting the solution to your issue - that will help others that participate here.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
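
The fix described in the reply above (an inbound Windows Defender Firewall rule scoped to the other VLAN's subnet, optionally written into a GPO) as an added PowerShell example; it is not part of the original thread. The subnet, ports, rule names and GPO name are placeholders, since the thread does not give them.

```powershell
# Added example: inbound allow rules limited to one routed peer VLAN.
# Every default value below is a constructed placeholder, not taken from the thread.
param(
    [string]   $PeerSubnet  = '10.0.65.0/24',       # placeholder: subnet of the other VLAN
    [string]   $RulePrefix  = 'InterVLAN-In',       # hypothetical rule name prefix
    [string[]] $TcpPorts    = @('445', '3389'),     # placeholder: only the services really needed
    [string]   $PolicyStore = ''                    # e.g. 'example.local\Workstation Firewall' (hypothetical GPO)
)

# Target the local persistent store by default, or the named GPO when -PolicyStore is set.
$store = @{}
if ($PolicyStore) { $store.PolicyStore = $PolicyStore }

# Settings shared by both rules. RemoteAddress keeps the rule from opening
# the host to anything except the peer subnet routed through the UTM.
$common = @{
    Direction     = 'Inbound'
    Action        = 'Allow'
    Profile       = 'Domain', 'Private'             # never Public
    RemoteAddress = $PeerSubnet
    Group         = 'Inter-VLAN (added example)'
}

$rules = @(
    @{ Name = "$RulePrefix-Ping"; DisplayName = "Ping from $PeerSubnet"
       Protocol = 'ICMPv4'; IcmpType = 8 },         # echo request only
    @{ Name = "$RulePrefix-TCP";  DisplayName = "TCP services from $PeerSubnet"
       Protocol = 'TCP'; LocalPort = $TcpPorts }
)

foreach ($rule in $rules) {
    # Skip rules that already exist so the script can be re-run safely.
    if (Get-NetFirewallRule @store -Name $rule.Name -ErrorAction SilentlyContinue) {
        Write-Host "Rule $($rule.Name) already present, skipping"
        continue
    }
    New-NetFirewallRule @store @common @rule | Out-Null
}

# Show what was created, including the remote address scope of each rule.
Get-NetFirewallRule @store -Group $common.Group | ForEach-Object {
    [pscustomobject]@{
        Name          = $_.Name
        Enabled       = $_.Enabled
        RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
    }
}
```

Run without `-PolicyStore`, it changes only the local machine; with `-PolicyStore` set to a domain GPO, the rules are written into that GPO and reach every PC the GPO applies to, which needs rights to edit it.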