Network route to UTM failing through a chain of two L2 switches and asking for help please.

My problem, I believe, stems from a couple of rather basic L2 switches between the UTM and my workstation which extend/distribute our LAN and increase the number of available RJ45 sockets for devices. The UTM port and interface which my subnet supplies is connected to an access port on the main switch which tags the various subnet connection traffic for VLAN distribution over the site. This arrangement generally works well because the subnets are compartmentalised in use by purpose, for example guests, office, accounts, private etc., although I have not yet applied a rigorous firewall discipline between the subnets so was not expecting problems that could not be resolved at the UTM.

My problem has arisen when trying to install a new HP printer which is not yet well supported on Linux and is installed on an office subnet but which I need to use from my private subnet. I cannot work out how the routing should work. It seems that I have been getting away with connections to printers on some subnets but not by good design and in this case, with several switches in the string, I cannot get this new printer to connect with my subnet. I do not have the same problem with older printers similarly on the same subnets.

In my ignorance I think I should set up a static route on the UTM to connect workstations on my private subnet to certain printers. This would obviate the routing problem I have when using static IPs on the printers which are required for other reasons.

Does anybody have time to help me with this please? I have all the MAC addresses for devices at each end but am less sure about MAC addresses for the L2 switches in between and how these work in the route configuration. Some guidance here would be much appreciated please.

Regards,



This thread was automatically locked due to age.
  • Like Amodin implies, there's not enough information in your question.  A pic of a hand-drawn network diagram with relevant IPs and subnets would help.  The firewall log lines related to a block of the traffic you're trying to allow would shine a bright light on the issue.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi all,

    At the moment I now believe my problem was not with UTM and the issue has partly been resolved. As Amodin stated, there is no routing with an L2 switch but MAC addresses should work. I now have the connections I need but am finding I need to do much more to tidy up my network and also set up my firewall correctly. At present it is all blank, a bit like my head at the moment. Will close this and start a new thread when I get a quieter moment.

    Best wishes to you meanwhile.

    Regards,

    Budge.