I have been brought in to kind of 'pick up the pieces' after a previous person left, so I'm a bit behind, so you'll have to excuse my unfamiliarity with the Sophos XG Firewall and RED devices, I've not been in charge of configuring many of them in the past, and they're (at least when working right) usually pretty transparent to on-site persons.
The company has one 'head office' where the firewall is, and 9 remote sites, each with a RED 15 device at each remote site which everything is behind, so each remote site is like this:
<Internet>
||
ISP Gateway Device (AT&T)
||
RED 15
||
Ethernet Devices and Wireless Access Point
I am told that this is using a 'split' configuration, so only traffic destined for the remote LAN will go over the tunnel, the rest just goes out over the Internet.
Now, most of the sites are fine, but this one in particular has a problem, which has the following symptoms:
The PCs can currently access the Internet as long as they are doing so via IPv6.
But, they CANNOT ping eachother (no matter what I do, even though they should be able to, no per machine firewalls blocking anything) with their Windows Host names or IPv4 addresses.
They also cannot be seen/accessed by devices at the 'home office' where the XG Firewall device is, nor can they access the 'home office' machines.
They also cannot access the Internet via IPv4.
The machines behind the RED 15 device are getting IPv4 addresses from the ISP Gateway Device (Supplied by AT&T). (I'm assuming that this is normal? I actually have no idea if the RED 15 device is supposed to assign IPs or if the ISP Gateway should be doing this. Though, this doesn't make SENSE to me and seems wrong from my experience with other similar setups.)
This thread was automatically locked due to age.
