This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Filtering

I installed Sophos UTM OS today for the first time. I'm new to networking etc so I'm not sure how all this stuff works. I blocked a few sites but they are not being blocked. Is there some client config I need? I think I skipped a few network settings during first time setup. Please help
Thanks
Nicholas
@NicholasHayman


This thread was automatically locked due to age.
Parents
  • Hi Nicholas,

    Check the following settings and post screenshots for the same.

    Configure the Internal Network host in Allowed Network for DNS global settings.

    Add Internal Network in the Allowed Network for Web Protection global settings.

    If the websites are gettings blocked, do a policy helpdesk test and verify which Filter Action blocks the request. Allow the website from the same.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Hi,

     

    I tried what you said but everything you said seems to be set okay. The only thing I can think of is the External (Wan) down interface isn't showing any activity, perhaps I have that configured wrong? I have BT Openreach Fibre to the Cabinet in the UK. Also how will the incoming network traffic know to pass through the UTM, how do UTMs work exactly?

     

    Thanks for your help

    Nicholas

  • Clients don't have to be physically connected to the UTM. Being in the same subnet will suffice. They do however need the UTM as their default gateway so traffic to the internet travels through the UTM.

    I'm afraid I cannot help you further with your Infinity connection. IPv6 doesn't have to be turned on if not used.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Guys, I've read through this and I think, Nicholas, you might want to do a factory reset of your UTM VM and start over, but it's really not clear what you're working with...

    1. What hardware are you using to run the virtualization - a laptop?  What CPU?  How much RAM does it have.  Which virtualization?
    2. How much RAM and how many Processors have you allocated to the UTM VM?
    3. How many users will be on simultaneously?  What and whom do you want to control/protect?  Are you only interested in anti-virus for web surfing and filtering your kids' web accesses?
    4. What connection speed do you get from BT?
    5. Can the BT modem be put in bridge mode so that the UTM can have a public IP instead of something in 192.168.x.y?
    6. Is the BT modem also a wireless router, or just a router and you have a separate wireless access point?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

     

    1. Yes, a laptop. Intel Core i5-5250U CPU, 4GB RAM, VMWare.

     

    2. 2GB ram and 1 processor

     

    3. Probably 5 at the most at any one time. I don't want to use the really advanced features but things like anti virus, web filtering and basic firewall I would like to use.

     

    4. I get 30mbps down and 6mbps up.

     

    5. To be honest I'm not sure.

     

    6. Yes, it is a modem and wireless router in one although I have a separate Ubiquiti UniFi wireless access point too, to extend the coverage.

     

    Thanks

     

    Nicholas

  • 1. If you want to run ESXi or VMWare Workstation, you will want to expand your RAM.  At least to 8GB, but to 16 if possible.  Running the UTM on VMWare Player is not recommended except for experimenting - definitely not for protecting up to five people.  Select the VMXNET3 virtual NICs.

    2. Bump that up to 3GB if you add items in #3.

    3. Yes, with the limited resources at your disposal, you won't want to have Intrusion Prevention or application Control active.

    4. Your setup should be able to handle that with the caveats listed here.

    5. Usually, the best approach for home use is to bridge the modem, disable wireless and disable DHCP service.  This lets the UTM have a public IP.  Since you have a laptop with only a single, wired NIC, that's not practical.

    5.a. If you apparently also want to be able to use the laptop, your best bet may be to configure a single Interface, Internal, that uses the wireless and forget about the wired connection.

    5.b. You would then configure the UTM to have a fixed IP with the BT modem as default gateway and setup DHCP on the UTM or BT device to hand out the IP of the UTM as default gateway.  If you want to be able to control all traffic with the UTM, then set the BT device's firewall to block all traffic from IPs other than the UTM's "Internal (Address)" IP.

    Thoughts?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi,

     

    Thanks for your help, I'm still really keen to get this working. 

     

    I would like the BT Home Hub to continue to do the routing, DHCP allocation and DNS allocation. If possible I want traffic going to certain devices only to pass through the Sophos UTM. I tried setting the default gateway of my client device to the IP of my UTM but I couldn't get to any pages, the connection just timed out. 

     

    Your help is appreciated (: 

  • Do you have masquerading rules?


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • I'm not quite sure what that means sorry ): But I believe the issue must be with the WAN interface. I would like my BT Home Hub Modem/ Wireless router combo unit to continue to do the routing a DCHP etc.

  • He meant to check #3.1 in Rulz, Nicholas.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I think you are way over your head with the Sophos UTM.  If all you need are things like anti virus, web filtering and basic firewall, then use Sophos Home at https://home.sophos.com

    Good Luck

  • Thanks Patrick, I do actually already have Sophos Home on all of our machines I was just looking for something a bit more advanced at more of a network level.

     

    Thanks

     

    Nicholas

Reply Children
No Data