
Problem with RED tunnel between 2 UTM 9.4 (Home Edition)

Hi everybody,

I need your help because I have problems with configuring a RED tunnel between two UTM v9.4 (Home Edition) ...

It is very frustrating because it seems to work between the 2 UTM devices, but it doesn't seem to work with the other devices connected locally and remotely:


Just let me explain :

2 UTM devices :

- UTM A : 192.168.A.1 (local network LAN_A : 192.168.A.0/24)

- UTM B : 192.168.B.1 (local network LAN_B : 192.168.B.0/24)


The RED connection is established with success :

- on UTM A : new interface called INTERFACE_B with static address 192.168.254.B

- on UTM B : new interface called INTERFACE_A with static address 192.168.254.A


then I've entered the following routing rules :

- on UTM A, a rule type "gateway route" created from remote network (LAN_B) through INTERFACE_B gateway (192.168.254.B)
- on UTM B, a rule type "gateway route" created from remote network (LAN_A) through INTERFACE_A gateway (192.168.254.A)


At this step:
I can ping UTM B device from a PC connected on LAN_A (I can also access the WebAdmin console) ;-)
I can ping UTM A device from a PC connected on LAN_B (I can also access the WebAdmin console) ;-)


Then I've tried to configure UTM firewall functions on both UTM devices but with no success :( using the following rules :
- Source : ANY
- Destination : ANY
- Service : ANY


But it doesn't seem to change anything :(

I can't access any other remote devices through the RED tunnel except the UTM devices ... very strange ...

Any ideas ?
Thx

 

 



This thread was automatically locked due to age.
  • Are your LAN_A and LAN_B subnets 192.168.A.0/24 and 192.168.B.0/24 a different subnet than your RED IPs 192.168.254.A and 192.168.254.B?

    BTW, masquerading IP-addresses for RFC1918 (non-routable private subnets) doesn't add any security, so I think it's better to just list them as they are.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Hi apijnappels,

    Thank you for your answer ;)

    In my example A=1 and B=2.

     

    I've tried to define RED IPs in the same subnet as LAN_A and LAN_B (as you have proposed):

    -RED IP on UTM A : 192.168.A.100 

    -RED IP on UTM B : 192.168.B.100 

     

    Unfortunately I still have the same problem ...

    Thx

     

  • Thanks for clarifying. You must NOT put the REDs in the same subnet as your local LAN, they must be in their own separate subnet, otherwise it will be hard (if at all possible) to route packets between them.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
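
The addressing rule from the reply above, as an added example that is not part of the original thread: a Python check that validates a two-site routed tunnel plan (dedicated transit subnet, on-link gateways, a route to each remote LAN). The `/24` tunnel mask, the tunnel addresses `.1`/`.2` and the names `check_plan` and `plan` are assumptions; A=1 and B=2 follow the poster's values.

```python
import ipaddress as ip

def check_plan(sites):
    """Return a list of problems in a routed site-to-site tunnel plan."""
    problems = []
    lans = {n: ip.ip_network(s["lan"]) for n, s in sites.items()}
    ifs = {n: ip.ip_interface(s["tunnel_if"]) for n, s in sites.items()}
    # 1. The tunnel (transit) subnet must not overlap any LAN.
    for n, tif in ifs.items():
        for m, lan in lans.items():
            if tif.network.overlaps(lan):
                problems.append(f"{n}: tunnel subnet {tif.network} overlaps LAN of {m}")
    # 2. Both tunnel endpoints must sit in one shared subnet.
    if len({tif.network for tif in ifs.values()}) != 1:
        problems.append("tunnel endpoints are not in the same subnet")
    for n, s in sites.items():
        routed = set()
        for dest, gw in s["routes"]:
            dest, gw = ip.ip_network(dest), ip.ip_address(gw)
            routed.add(dest)
            # 3. The gateway must be the on-link peer, not a remote or own address.
            if gw not in ifs[n].network:
                problems.append(f"{n}: gateway {gw} is not on-link on {ifs[n].network}")
            elif gw == ifs[n].ip:
                problems.append(f"{n}: gateway {gw} is this device's own address")
        # 4. Each remote LAN needs a route, otherwise traffic has no path back.
        for m, lan in lans.items():
            if m != n and lan not in routed:
                problems.append(f"{n}: no route to LAN of {m} ({lan})")
    return problems

def plan(tun_a, gw_a, tun_b, gw_b):
    """Build a constructed two-site plan with LANs 192.168.1.0/24 and 192.168.2.0/24."""
    return {
        "UTM_A": {"lan": "192.168.1.0/24", "tunnel_if": tun_a,
                  "routes": [("192.168.2.0/24", gw_a)]},
        "UTM_B": {"lan": "192.168.2.0/24", "tunnel_if": tun_b,
                  "routes": [("192.168.1.0/24", gw_b)]},
    }

# Constructed samples: a dedicated transit subnet vs. tunnel IPs inside the LANs.
SEPARATE = plan("192.168.254.1/24", "192.168.254.2", "192.168.254.2/24", "192.168.254.1")
IN_LAN = plan("192.168.1.100/24", "192.168.2.100", "192.168.2.100/24", "192.168.1.100")

if __name__ == "__main__":
    for name, p in (("SEPARATE", SEPARATE), ("IN_LAN", IN_LAN)):
        print(name, check_plan(p) or "ok")
```
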
