
Sophos XG redirecting ping

Hi. I have a problem with connectivity between two subnets on my Sophos XG.
The Sophos XG is my router and firewall and has 2 interfaces, one for WAN and one for LAN. The LAN interface has 3 aliases with 3 subnets, let's say 10.1.1.0/24, 10.1.2.0/24 and 10.1.3.0/24. The interface itself has the IP 10.1.4.1.
The problem is that when I added a new Linux server to the 10.1.2.0 network, it can't connect to the AD on the 10.1.1.0 network. Other servers/PCs running Windows have no problem with this.
When I try to ping from the server it sometimes works, but I get redirect host. When connecting another computer (Windows) to the same subnet and trying to ping the AD server, it works. If I connect the same Windows computer to the same network as the AD and try to ping the Windows computer from the Linux server, Sophos redirects the traffic, but it sometimes gets through.

The output from the Linux server says:

64 bytes from 10.1.1.10: (......) time =1ms
From 10.1.2.1: icmp_seq902 redirect Host (new nexthop: 10.1.1.10)

After some time it fails with host unreachable. The next time it usually doesn't work at all, or after a very long time.

In the firewall rules I have rules allowing traffic between the subnets, to WAN and to 2 site-to-site VPNs. The VPN rules don't allow the 10.1.2.0 network, only the 10.1.1.0 network and the 10.1.3.0 network.

I can't figure out what is causing this problem. I would like all the help I can get.


