
Multiple outgoing IPs with single WAN port

Hi,

I have several web servers running behind a single Sophos UTM, with two interfaces:

- eth0 > external (x.x.x.7/26) with default GW (x.x.x.1)
  - Additional addresses:
    - x.x.x.8/26
    - x.x.x.9/26
    - x.x.x.10/26
    - etc.
- eth1 > internal (10.0.0.2/24)

 

Using web server protection I was able to send each additional external address to the correct internal server. But when I access the internet from a web server, it always uses the default IP x.x.x.7. I managed the same with a DNAT rule from external to internal. Both work fine.

But how can I configure Sophos UTM to direct all outgoing traffic to the correct external IP?

E.g.:

- 10.0.0.8 > x.x.x.8
- 10.0.0.9 > x.x.x.9
- 10.0.0.10 > x.x.x.10

 

Regards,

Hugo



  • Hoi Hugo and welcome to the UTM Community!

    With NAT rules, e.g.,

    SNAT : {10.0.0.8} -> Any -> Internet : from {x.x.x.8}

    Cheers - Bob
    Note in #2 in Rulz that your DNAT makes your WAF setup ineffective.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thank you BAlfson,

    I only mentioned the DNAT rule as an alternative that was also working, I'm not using them together, but thank you for the rulez list. That's very nice.

    Unfortunately the SNAT didn't work.

    FROM: 10.0.0.8
    Service: any
    Going to: External WAN address (x.x.x.7)

    Change source: x.x.x.8

    But nothing happens.

  • Your NAT rule is incorrect.

    Not

    Going to: External WAN address

    But

    Going to: Internet

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
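
The difference between the two "Going to" values in this thread, as an added example (not code from the thread or from Sophos): a small Python model of first-match SNAT evaluation for outbound packets. The 203.0.113.x and 198.51.100.20 addresses are constructed stand-ins for x.x.x.x, and treating "Internet" as any IPv4 destination is an assumption of the model.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addresses: 203.0.113.0/26 stands in for the thread's x.x.x.0/26.
WAN_PRIMARY = ipaddress.ip_address("203.0.113.7")
# Assumption of this model: "Internet" means any IPv4 destination reached via the WAN.
INTERNET = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class SnatRule:
    source: ipaddress.IPv4Network       # "FROM"
    destination: ipaddress.IPv4Network  # "Going to"
    new_source: ipaddress.IPv4Address   # "Change source"

    def matches(self, src, dst):
        # A rule applies only if BOTH the packet's source and its destination match.
        return src in self.source and dst in self.destination


def egress_source(rules, src, dst):
    """Return the source address a packet leaves the WAN with (first match wins)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if rule.matches(src, dst):
            return rule.new_source
    return WAN_PRIMARY  # no SNAT rule matched: traffic leaves with the default address


def one_to_one(internal, external, going_to=INTERNET):
    return SnatRule(ipaddress.ip_network(internal), going_to, ipaddress.ip_address(external))


# The rule as first tried: "Going to" is the firewall's own WAN address, which is
# never the destination of a packet a web server sends to a remote host.
BROKEN = [one_to_one("10.0.0.8/32", "203.0.113.8", ipaddress.ip_network("203.0.113.7/32"))]

# The corrected form ("Going to: Internet"), extended to the three servers in the question.
FIXED = [one_to_one(f"10.0.0.{n}/32", f"203.0.113.{n}") for n in (8, 9, 10)]

REMOTE = "198.51.100.20"  # constructed remote host

if __name__ == "__main__":
    for name, rules in (("broken", BROKEN), ("fixed", FIXED)):
        for host in ("10.0.0.8", "10.0.0.9", "10.0.0.10", "10.0.0.50"):
            print(f"{name:6} {host:10} -> {REMOTE} leaves as {egress_source(rules, host, REMOTE)}")
```

Comparing the modelled egress address with what an external service actually logs for each server is a quick check that every rule is matching.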