I followed the instructions in the Administration Guide for Gateway Manager 4.300.pdf and already have my local Sophos gateway communicating with the local SUM. The remote gateway is configured and hitting the local UTM.
The firewall logs show the following:
07:16:40 NAT rule #3 TCP
***.***.***.*** : 51926
→
***.***.***.*** : 4433
[SYN] len=60 ttl=53 tos=0x00 srcmac=00:01:5c:66:c0:46 dstmac=00:1a:8c:43:40:59
So it appears that the DNAT rule is working, however the second IP in that log is the external IP of the local UTM. I do not see any reference to the LAN IP of the SUM Server in the firewall logs.
In the SUM=> Sophos UTM Manager, the allowed networks is set to 'Any'. For testing purposes, I am not requiring a shared secret. The same behavior occurred when the shared secret was required.
The SUM is running 4.300-4 (no pending updates)
The UTM's are running 9.310-11 (no pending updates).
Below is the log from the central managment page of the remote gateway. Any help would be appreciated.
2015:04:25-07:10:53 ***x device-agent[19580]: 1 is not connected. Trying to connect
2015:04:25-07:10:53 ***x device-agent[19580]: Updating SUM IP address for path: acc/server1/server
2015:04:25-07:10:53 ***x device-agent[19580]: [1] Connecting to SUM (ip=***.***.***.***, port=4433).
2015:04:25-07:10:53 ***x device-agent[19580]: [1] Using SUM SSL connection.
2015:04:25-07:10:58 ***x device-agent[19580]: [1] SUM connection failure, retrying (ip=***.***.***.***, port=4433). SSL-connect: 'IO::Socket::INET6 configuration failed'
2015:04:25-07:11:04 ***x device-agent[19580]: [1] SUM connection failure, retrying (ip=***.***.***.***, port=4433). SSL-connect: 'IO::Socket::INET6 configuration failed'
2015:04:25-07:11:05 ***x device-agent[19580]: [1] Connection failed (ip=***.***.***.***, port=4433).
2015:04:25-07:11:05 ***x device-agent[19580]: Not reporting inotify: no role
2015:04:25-07:11:05 ***x device-agent[19580]: timer2 -> module 1 not executing: denied by role
2015:04:25-07:11:05 ***x device-agent[19580]: timer2 -> module 2 not executing: denied by role
2015:04:25-07:11:05 ***x device-agent[19580]: timer2 -> module 3 not executing: denied by role
2015:04:25-07:11:05 ***x device-agent[19580]: timer2 -> module 4 not executing: denied by role
2015:04:25-07:11:05 ***x device-agent[19580]: timer2 -> module 5 not executing: denied by role
2015:04:25-07:11:05 ***x device-agent[19580]: timer2 -> module 6 not executing: denied by role
2015:04:25-07:11:05 ***x device-agent[19580]: timer2 -> module 7 not executing: denied by role
2015:04:25-07:11:10 ***x device-agent[19580]: timer2 -> module 1 not executing: denied by role
2015:04:25-07:11:10 ***x device-agent[19580]: timer2 -> module 2 not executing: denied by role
2015:04:25-07:11:10 ***x device-agent[19580]: timer2 -> module 3 not executing: denied by role
2015:04:25-07:11:10 ***x device-agent[19580]: timer2 -> module 4 not executing: denied by role
2015:04:25-07:11:10 ***x device-agent[19580]: timer2 -> module 5 not executing: denied by role
2015:04:25-07:11:10 ***x device-agent[19580]: timer2 -> module 6 not executing: denied by role
2015:04:25-07:11:10 ***x device-agent[19580]: timer2 -> module 7 not executing: denied by role
This thread was automatically locked due to age.
