Hi.
I'm obviously doing something wrong and it's driving me mad
Sophos UTM. 3 NICs. 1 is the external (internet) NIC
2 is 192.168.0.1/24
3 is 192.168.2.1/24 off of this is a Ubiquiti Dream Machine Pro (UDM) which has 192.168.1.1/24 coming out, with cameras and WiFi clients
I can access the UDM via domain name and configure it and view cameras
But I canNOT access the UDM by IP address - 192.168.1.1
I have set a F/W rule: My machine IP as a Host -> Any IP4 -> 192.168.1.1/24 Network (Allow), and log access, and I can see it allowing it through, but the browser times out and never connects. But even without the F/W I CAN connect using the domain name
Any clues?
Hello Mike,
what is the tesult of nslookup (Domainname of UDM)?
When connecting the UDM to interface three it had to have a 192.168.2.x sddress.Otherwise you are doing some magic here...
Mit freundlichem Gruß, Regards from Germany,
Philipp Rusch
New Vision GmbH, GermanySophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
Yes the UDM interface/network connected to Sophos is .2.1. Coming OUT of the UDM is .1.1 (it is THIS network I want to talk to).
you said 192.168.2.1 is the IP of the UTM to the 192.168.2.0/24 network.
If that is the case, your above setting in the UTM screenshot is wrong.
What is the IP of the UDM in the 192.168.2.0/24 network?
This has to be the Gateway in the UTM-routing table.
Isn't there a "Default gateway" setting at the UDM box? Sometimes called "gateway of last resort"?
If not, I would set the route from "Purple to green" to 0.0.0.0/0 for the destination network.
Hmmmm... yes I think I can where you're coming from... sort of!
Sophos is on 192.168.2.1
The UDM is on 192.168.2.10
I presumed I wouldn't need to tell the UDM it's own gateway would need to be used. I thought it would just know??
If I set 0.0.0.0/24 on the UDM as the Destination Network then I get "There was an error saving the static routes changes. Invalid payload."
Sorry 0.0.0.0/0
The gateway to Sophos, on the UDM, is set via DHCP (from Sophos), but it seems to stick at 192.168.2.10
UTM / UDM confusing! Okay I have set the UTM as above
That obviously makes sense!
But...I still cannot connect to the UDM on 192.168.1.1 via IP address
Pls do an nslookup of the name and tell us the ip, as said before.
That *is* strange! 192.168.0.1 is the UTM address
It is NOT in my LMHOSTS file, but resolves by domain name to the U*D*M
Hmm, Mike - it seems like the route that Philipp led you to should work. What do you learn from doing #1 in Rulz (last updated 2020-11-12)?
Cheers - Bob
Thank you everyone. That does indeed work
I wasn't understanding the Ubiquiti UDM and had to also open "WAN Local" to traffic coming though the Sophos UTM, that then immediately allowed me to see the UDM network (192.168.1.1) coming through the 192.168.2.1 network (Purple Network) on Sophos, from my 192.168.0.1 Green Network
Brilliant!