
SD-RED20 behind UTM is local online, but without Internet

Hi,

I want to use an SD-RED20 behind a UTM with UTM 9.711-5 to connect a small office to headquarters.

The connection from the SD-RED20 is established and working fine for the local networks (a few VLANs, split with an Aruba, because the SD-20 can't do VLAN).

Even the wireless networks are working after some hard work to connect the AP successfully to the UTM, but neither cable-connected nor wireless devices can access the Internet.

Masquerading is set as follows:

Network: RED-interface (br0)
Position: 1 (the count doesn't matter, I already tried)
Interface: WAN (like every other on the UTM, and they got Internet access)
Use-address: Primary

In the firewall I have only one rule:

RED-Interface -> ANY -> Internet IPv4 / Internet IPv6 (I also tried setting ANY instead of IPv4/6, but no luck)

I can only think it is a misconfiguration in the firewall, because local access is working like a charm so far.

Can anybody give me a solution?



  • Hi,

    Maybe your Masquerading is not configured properly. Check that on "Network" a network is configured (in the list box preselect "Interface networks" and select the right source network).

    What does the Firewall Log say for connections from a RED network to the Internet?

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

  • That's the point. The firewall marks traffic from the device behind the RED green, so it should be working, but it isn't. When I ping google.de it shows the right IP in the firewall with no problem and it should go through. IP google.de 142.250.185.99:80

    So what could be the problem?



    screenshot
    [edited by: Sophos User6006 at 4:58 PM (GMT -7) on 1 Jun 2022]
  • As said, it could be a wrongly configured Masquerading. Have you checked it as mentioned (is the 192.168.20.104 IP in the range of any Masquerading Network?).

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

  • Yes, masquerading is correct. When I'm connected directly to the UTM, Internet is working from the same network, even the same IP address. Also, I can connect via RED per RDP to a VM on the local network, directly attached to the UTM, and have Internet; only behind the RED I don't have Internet, just the local network.
