Sophos RED XG to UTM Access Issues

Hello - Just moved to the XG firewall, but still running a UTM on the client end. We use a RED tunnel (XG to UTM) for access to some resources we manage.

The RED connection seems to be working 100%. I see both XG and UTM showing as up and running and I can ping the client RED IP from Sophos XG diagnostics.

However, I can't for the life of me access the client resources. Other than changing out the RED connection client side, I made no other changes as all the rules worked when it was UTM to UTM.

XG's policy tester, both firewall and web, says it's allowed, and I can see on the client UTM logs that my traffic is coming over, but that's it. In this case I'm trying to access an HTTPS (443) resource.

However, from my PC I cannot ping, tracert, or hit the client's RED IP or the HTTPS resource.

I do have a static route set up, which again I assume is working since XG can ping the resources, and I can see on the client's UTM my IP making its way over. It doesn't appear any traffic is dropped per their logs.



This thread was automatically locked due to age.
  • So pinging both appliances from each appliance works without any issue. Pinging the other appliance from my host, I see the traffic being dropped.

    I was able to get this "semi" resolved by setting the firewall rule on the XG to NAT. So now all traffic from my end has the same IP, but I don't really like that for auditing/monitoring purposes.

    I duplicated all rules for the NAT'd IP on the client side with my host IP, still failed.