This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SNAT problems with new server

I am unable to get SNAT to work on one of my servers. I have SNAT working well for my mail servers, web servers, and my desktop. I can get the desktop to change external ip's on the fly with no problems. But I am installing a new Unbuntu web server and it is stubborn. It always shows that it is using the default gateway as its external ip. I am using the command 'curl' to get my external ip. I enabled log initial packets on the SNAT rule and I do see where it is logged in the firewall.log, but there isn't much information in the log as to the address translation itself. I also enabled the logging on my desktop to verify what the log display would look like when it was working. Rule #2 is my problem, and rule #4 is the desktop that I can set to any of the external ip's.

Is there another log I can look at to see how the translation is being handled or going off the rails?

I don't think it matters, but I have two internet connections with /28 subnets of assigned external ip's. I intend to use the webserver protection features for the new server but it is not handling the source translation either. I currently have the webserver protection options disabled.

This thread was automatically locked due to age.

Top Replies

  • Hi ,

    Thank you for reaching out to the Community! 

    Did you try to configure Masquerading from Network Protection > NAT > Masquerading > Add Masquerading rule > Network > Add the server…

Parents Reply
  • Mark, I guess I need to make clearer that 2.1 specifically includes this situation.  I would appreciate your suggestion.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
No Data