
Wifi Protection behind RED Tunnel / Bridge

We have a new office with an XGS 2100 which is connected to our central UTM SG via RED. We have created a bridge on both sides for the office LAN and multiple WiFi networks. All traffic is routed via the central UTM (the UTM is the default gateway). Our WiFi access points are managed via the central UTM, too. WiFi protection is disabled on the XGS. The access points in the new office do not appear in the UTM's AP list. I can successfully open a connection to the UTM (via the default gateway IP) using port 2712. However, I cannot connect to 1.2.3.4 on port 2712. I captured the traffic of one of the APs and found out that the XGS's firewall is dropping the packets to 1.2.3.4 (reason is violation). I already have a firewall rule in place which allows all traffic. Does anyone have an idea how I can make the XGS allow these packets?



This thread was automatically locked due to age.
  • Probably the XGS is dropping it because the service is not enabled here. As this is one of the built-in IPs, I'm not sure if it is possible to NAT the traffic to the upstream UTM, but I believe this needs to be done. Hope someone can confirm this.

    Is the IP 1.2.3.4 included in the IPsec (?) tunnel between XGS and UTM?

  • Thanks for your quick reply! I have activated WiFi Protection under device access, but the connection is still being dropped. 

    I have tried to DNAT the 1.2.3.4 to the UTM already, but that did not work either.
