This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Transparent Proxy in combination with a Bridge Interface - Full Transp. necessary?

Hi guys,

I have a setup here, where the sophos is bridged into the connection between the external L3 firewall and the internal network. Now, with the sophos connected, we are facing problems with the connection. It looks like, we now periodically have timeouts and packetloss.

I configured the proxy to act in transparent mode (needed to add the bridge interface address to the transparent src host skiplist). I´ve read kb article 119360 (https://www.sophos.com/en-us/support/knowledgebase/119360.aspx) and there I saw, that full transparent mode should be configured.

Is it necessary (required by the utm) to configure full nat mode in combination with a bridge interface or is it optional, up to the customers needs?

Best Regards

Sebastian

This thread was automatically locked due to age.

Parents

0 BAlfson over 8 years ago

Well, yes and no. In Transparent mode, Full gives you the ability to let the perimeter router do the masquerading instead of having a double NAT. However, that may not be an issue in the network in question, and regular Transparent should work just fine.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 8 years ago

Well, yes and no. In Transparent mode, Full gives you the ability to let the perimeter router do the masquerading instead of having a double NAT. However, that may not be an issue in the network in question, and regular Transparent should work just fine.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data