
How do I check a remote machine and connection which is on another subnet and VLAN on my UTM?

I have a subnet set up on a shared port using a VLAN on the UTM, all on a different subnet from my working machine.

I can of course access my UTM and can see the DHCP lease table which includes machines on the subnet I need to check but I cannot ping them from my machine or rather I do not know how to do this.

My problem is that the card machines and tills are playing up and I need to ensure that my network is all OK at least as far as being able to ping the hardware.

Grateful for some help on this please.



This thread was automatically locked due to age.
  • I'm like Bob and a very visual learner.  Can you make a quick picture of your network setup with what subnets you have?  If they are on the same subnet, you should be able to ping everything; on different subnets you will probably need some type of NAT or firewall rule for PING.

    If you have a Layer 2 switch, it can handle that subnet traffic as well.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • The picture is a work in progress but the bottom line is that I work on a different subnet.  I have linked the Sophos management network to my own machine but all the rest are standalone until they get to the UTM.  I seem to have three choices: NAT, which is beyond me as I have only used it in devices and they do it for me; a firewall rule, which I should be able to do with your guidance; and, as a last resort, reconfiguring my managed switch so that I am connected to the required subnet.

    I shall start on the firewall and call for help when I get stuck, which may not be too long!

    Good to hear from you again,

    Regards

    Alastair.

  • Hi Amodin,

    I set up a firewall rule just for this test, it did what I wanted and so I turned it off, but the route seemed to be persistent.  I deleted it but I could still ping the remote subnet.

    Strange.  I had expected it to turn off when I removed the rule altogether.  Is that OK?  I expect it will stop soon but would be interested to understand.

    Thanks again

    Alastair.

  • I am on vacation and have some really limited access - sorry about that.  I will have to get in front of my UTM, unless someone can jump in before me.  I am not sure about the persistent connection after turning that off.  It might persist until a reboot if you disabled/deleted it.

    I am literally on the beach at the moment, lol.


  • Awrite! Alastair - let's see if we can identify the brigand!

    Copy here a few lines from the firewall log when traffic is blocked.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thanks for keeping in touch. 

    It seems the problem we had, which required me to check the particular subnet feeding tills and card machines, was not a problem with our systems but with the card machine company, who apparently had a major problem.  All we know is that a chunk of money didn't get processed and we had to take copies of the machine paper slips and send them to the bank to prove we should have had the money.  Really not good but not my system at fault!!!

    I am buried in work right now and will not have time to do anything else on this until next week.  I have taken out the temporary firewall rule and expect rebooting etc. will clear any cache.

    Will get back to you.

    Many thanks again,

    Regards

    Alastair.