I'm obviously doing something wrong and it's driving me mad
Sophos UTM. 3 NICs. 1 is the external (internet) NIC
2 is 192.168.0.1/24
3 is 192.168.2.1/24; off of this is a Ubiquiti Dream Machine Pro (UDM), which has 192.168.1.1/24 coming out, with cameras and WiFi clients
I can access the UDM via domain name and configure it and view cameras
But I canNOT access the UDM by IP address - 192.168.1.1
I have set a F/W rule: My machine IP as a Host -> Any IP4 -> 192.168.1.1/24 Network (Allow), and log access, and I can see it allowing it through, but the browser times out and never connects. But even without the F/W I CAN connect using the domain name
What is the result of nslookup (Domainname of UDM)?
When connecting the UDM to interface three it had to have a 192.168.2.x address. Otherwise you are doing some magic here...
With kind regards, Regards from Germany,
New Vision GmbH, Germany
Sophos Silver-Partner
Yes the UDM interface/network connected to Sophos is .2.1. Coming OUT of the UDM is .1.1 (it is THIS network I want to talk to).
You mean the wifi leg of the UDM?
You have to announce this net to the other networks with a static route.
That is what I thought too, yet I have already done a lot of reading on here before posting, and one of Bob's posts implied I didn't need to (something about it being a stateful firewall...). So I am now back to square one - a static route. I have tried every single combination I can think of to configure this, and it doesn't work. Can anyone give instructions to a 5 year old (like me) on the exact syntax on the UTM? I would have added a screenshot of all the different variations I've tried but out of annoyance I deleted the lot earlier /slaps forehead/
TCP/IP is always a two-way definition: packets have to know the route "to" a net/host and they also need to know the way "back".
I think your problem is the definition of a gateway on the UDM box.
Could you show us screenshots from the setup?
Thank you. See attached. Does this help?
You said 192.168.2.1 is the IP of the UTM to the 192.168.2.0/24 network.
If that is the case, your above setting in the UTM screenshot is wrong.
What is the IP of the UDM in the 192.168.2.0/24 network?
This has to be the Gateway in the UTM-routing table.
Isn't there a "Default gateway" setting at the UDM box? Sometimes called "gateway of last resort"?
If not, I would set the route from "Purple to green" to 0.0.0.0/0 for the destination network.
Hmmmm... yes I think I can see where you're coming from... sort of!
Sophos is on 192.168.2.1
The UDM is on 192.168.2.10
I presumed I wouldn't need to tell the UDM its own gateway would need to be used. I thought it would just know??
If I set 0.0.0.0/24 on the UDM as the Destination Network then I get "There was an error saving the static routes changes. Invalid payload."
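
Added example, not part of any post in this thread: a longest-prefix-match lookup over the two routing tables discussed above, showing the forward path on the UTM and the return path on the UDM, and what the prefixes 0.0.0.0/24 and 0.0.0.0/0 each match. The client address 192.168.0.50, the `isp-gateway` label and the UDM holding only its two connected networks plus the route under test are assumptions made for the illustration.

```python
import ipaddress

def lookup(table, dst):
    """Return the next hop of the most specific route containing dst, or None."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None

# UTM: NIC 2 and NIC 3 networks from the thread; default route label is constructed.
UTM_BASE = [
    ("192.168.0.0/24", "connected"),
    ("192.168.2.0/24", "connected"),
    ("0.0.0.0/0", "isp-gateway"),
]
# Static route for the network behind the UDM, via the UDM's address on NIC 3's net.
UTM_WITH_ROUTE = UTM_BASE + [("192.168.1.0/24", "192.168.2.10")]

# UDM: assumed to know only its connected networks until a route is added.
UDM_CONNECTED = [
    ("192.168.1.0/24", "connected"),
    ("192.168.2.0/24", "connected"),
]

CLIENT = "192.168.0.50"   # constructed host on the UTM's 192.168.0.0/24 side
UDM_LAN = "192.168.1.1"   # target address from the thread

def round_trip(utm_table, udm_table):
    """Next hop the UTM uses toward the UDM LAN, and the UDM uses back to the client."""
    return lookup(utm_table, UDM_LAN), lookup(udm_table, CLIENT)

def covers(prefix, addr):
    """True if addr falls inside prefix."""
    return ipaddress.ip_address(addr) in ipaddress.ip_network(prefix)

if __name__ == "__main__":
    # No static route on the UTM, and 0.0.0.0/24 on the UDM.
    print(round_trip(UTM_BASE, UDM_CONNECTED + [("0.0.0.0/24", "192.168.2.1")]))
    # Static route on the UTM, and 0.0.0.0/0 on the UDM pointing back at the UTM.
    print(round_trip(UTM_WITH_ROUTE, UDM_CONNECTED + [("0.0.0.0/0", "192.168.2.1")]))
    print(covers("0.0.0.0/24", CLIENT), covers("0.0.0.0/0", CLIENT))
```

In this model the first case sends the forward packet to the default gateway and finds no return route at all, because 0.0.0.0/24 spans only 0.0.0.0 to 0.0.0.255; the second case resolves in both directions.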