
Can static routing be done on SOPHOS SG Series Bridged Interfaces?

I have got 2 sites connected via L2 Point to Point.

Site A, where the SIP Server and other VOIP Call server resources are located

Site B, where all the IP Phones and Clients are located

I am unable to do static routing on the bridge interface. The bridge interface (Voice Data 10.160.38.0/24) is used to establish a connection via L2 Point to Point from Site B to Site A.

There is another Local LAN (LAN Data 10.160.36.0/23) which is on a separate interface on Sophos.

As the VOIP Call recording server and Reporting server are on the (Voice Data subnet 10.160.38.0/24), I need to route traffic from the (LAN Data subnet 10.160.36.0/23) so that the LAN Data Subnet can access the VOIP Call recording server and reporting server. Tried static gateway routes and interface routes to the bridge interface but it doesn't seem to work.

The only way I got it to work is to do a SNAT on Sophos translating the Data Subnet to the Voice Subnet GW located at Site B.

Any insights on how anyone could get static routing to work on bridge interfaces?



  • For any box to serve as a router, incoming packets need to be addressed to the router's IP address, or it needs to be the internal default gateway so that it can be the primary responder to ARP requests. Since you are configured in bridged mode, I am suspecting that your internal routers are directing traffic past UTM to your firewall.

    You need your internal routers to forward outbound traffic to the UTM address, then have UTM forward (or redirect actually) to the firewall. Alternatively, configure static routes on internal routers to forward to UTM for the subnets that you want UTM to handle.

  • Hi Douglas, 

    There is no internal router. Basically, Site A and Site B share one subnet 10.160.38.0/24 via L2 point to point.

    Site A has an Edge Router that's to allow Site A resources out to the internet (Router IP 10.160.38.10/24)

    Site B has SOPHOS UTM SG650 to allow Site B resources out to the internet. (SOPHOS IP LOCAL LAN 10.160.36.1/23, Bridge Interface for L2 point to point GW 10.160.38.1)

    The bridged interface is used to establish the connection from Site A to Site B

  • I have a hard time imagining how your network is built. Can you post a simple diagram with IP-ranges in it so we can see how everything is connected together?


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.