This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN IP eth4

FormerMember
FormerMember

I have a total of 5 WAN IP's.

I have a SG135 running 9.405-5

I have my LAN running off the LAN port. I need to configure one of the ports eth4 through eth7 to run an IP camera using one of my available WAN IP's. How can I do this?

I have a security camera system I am going to do the same-thing with but I figure I can use the same process for the single IP camera.



This thread was automatically locked due to age.
  • Hi, Ryan, and welcome to the UTM Community!

    You probably just want to create an Additional Address /32 on your "External" interface called "Camera" and then make a DNAT like 'Internet -> {camera port} -> External [Camera] (Address) : to {camera IP}'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • FormerMember
    0 FormerMember in reply to BAlfson

    I found the KB on that portion, but I want to connect the camera to the UTM. What kind of interface do I configure eth4 as?

  • Ethernet.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • FormerMember
    0 FormerMember in reply to BAlfson

    I know my questions are basic and I come across as inexperienced, but most of my experience is with Watchguard that is overly complicated. I do have Sophos UTM 9 for home and even in the home context I've added interfaces from a 4 port gigabit NIC (2 WAN and 1 internal) and still didn't have to add additional addresses.

    I am going to reiterate what you have told me so I can make sure I have this straight.

    Add the WAN IP to additional addresses /32, create a DNAT rule with the service as whatever the camera uses, destination "Going to: WAN IP", change destination to: 192.168.10.x, and no change to service, create a new interface with type as Ethernet, hardware eth4, IPv4 address as WAN IP, /32, and no default gateway.

  • Ryan, you are making it more complicated than it needs to be.  Except in extremely rare circumstances, if you have a single ISP, you should have only one NIC connected to the ISP - let's call the interface defined with it "External."  More public IPs are then configured on the "External" interface on the 'Additional Addresses' tab.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • FormerMember
    0 FormerMember in reply to BAlfson

    The configuration I have is correct. It turns out the modem is not forwarding packets correctly. As soon as I switch over to one of our other WAN IP's RDP works immediately.