Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 4095 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Connecting two RED subnets

stormo
Hello everyone,
we have the following scenario:
1 UTM ASG 220 with an internal network: 192.168.2.0/24
RED1 with a network: 192.168.1.0/24
RED2 with a network: 192.168.3.0/24

We are able to ping an IP in the internal network of the UTM from both the two RED networks. The problem is that we are not able to ping an IP of a machine inside a RED1 network from RED2 network and vice versa.
All computers inside all networks can go on Internet.

Just for testing reasons, the two RED devices are using the same internet connection (WAN).

We have tried in the following ways: 
1) Firewall rules: RED1 network-> Any -> RED2 network and RED2 network-> Any -> RED1 network
2) NO NAT: RED1 -> RED2 and RED2 -> RED1
3) Static routing

Neither of the previous ways work.
Actually, we can see in the firewall logs that the NO-NAT rule is satisfied, but neither a ping request or a web request versus a web server on a RED2 machine are working.

We have also tried using a bridging rule, but we need a different network for each RED device.

I hope you guys can help us.


This thread was automatically locked due to age.
Parents
  • 0
    Hi, malachite and stormo, and welcome to the User BB!

    Changing internet connections should not have affected your original problem.  I don't understand the last post - how do you know it works if the RED can't connect?

    In post #1, 1) should have worked and 2) and 3) should have had no effect.  When you say it didn't work, what does that mean?  If it's about pinging, then that's regulated on the 'ICMP' tab of 'Firewall'.

    See #1 in https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22065.  Any info about this in one of those?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Hi, malachite and stormo, and welcome to the User BB!

    Changing internet connections should not have affected your original problem.  I don't understand the last post - how do you know it works if the RED can't connect?

    In post #1, 1) should have worked and 2) and 3) should have had no effect.  When you say it didn't work, what does that mean?  If it's about pinging, then that's regulated on the 'ICMP' tab of 'Firewall'.

    See #1 in https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22065.  Any info about this in one of those?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML