Hello! I'm testing UTM 9.3 in full transparent mode with no authentication (first time using Sophos). I have UTM set up as a VM sitting between two virtual switches "internal" and "external." "External" connects to the LAN of my network. "Internal" has only a test Windows machine on the same subnet as my LAN, which is forced to send all traffic through the UTM. The UTM has three network interfaces. One is used for management, and two interfaces are bridged, with one interface on "internal" and one on "external."
I have an ANY/ANY firewall rule, allowing all traffic to pass. In this configuration, everything works. My main testing revolves around Web Protection and Web Reporting. Web Protection is set to pass all, but log activity. When I enable Web Protection with Allowed Networks of "Any," I am not able to reach the internet. However, I am able to ping to the internet and resolve DNS queries. The live log shows my requests from my test Windows machine, and even recognizes forbidden URL requests.
If I remove "Any" from Allowed Networks and replace it with "Bridge (Network)," I am able to reach the internet from my test Windows machine. Unfortunately, with "Any," the live log does not show my requests, and I'm able to reach blocked websites. No traffic is logged.
I have attempted to configure a single host with just the IP address of my Windows machine, but I still can't reach the internet, even though the live log shows the requests.
What am I missing? [:S]
Thanks in advance for any suggestions you can provide.
This thread was automatically locked due to age.
