
Host default gateway

I was working on an SG310 and ran across something I could not explain.  We have 4 interfaces configured (WAN, LAN, DMZ 1, DMZ 2) on the UTM.

Let's say the LAN network is 192.168.0.1, DMZ 1 is 192.168.1.1, DMZ 2 is 192.168.2.1 and all networks are a /24

If I address a host in DMZ 2 at 192.168.2.10 and set my default gateway to 192.168.1.1 (DMZ 1 interface), I can reach devices in the 192.168.0.x/24 LAN network.  It almost seems that the Sophos is picking up the traffic from my host in the DMZ 2 zone and knows that the mis-configured default gateway is configured on one of its interfaces and just picks up traffic and routes it.

Now, if I shut down the DMZ 1 interface (192.168.1.1) that I was using for my host at 192.168.2.10, then I cannot route off the network.

Is there a way to disable this by chance?

Thanks



  • WebAdmin automatically builds routes between all of the IPs/subnets defined on its defined Interfaces.  It does not automatically create firewall rules.  What about your firewall rules allow traffic between the DMZs?

    If this is HTTP/S traffic, you might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address. I also maintain a version auf Deutsch initially translated by fellow member hallowach when he and I did a major revision in 2013.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA