i have problem when add filtering rules in sophos vm to block icmp when ping ubuntu vm ip. icmp stay reply, i feel vm sophos firewall don't connect with ubuntu. Can you help me everybody?
thankyou
This thread was automatically locked due to age.
i have problem when add filtering rules in sophos vm to block icmp when ping ubuntu vm ip. icmp stay reply, i feel vm sophos firewall don't connect with ubuntu. Can you help me everybody?
thankyou
ok sir, i try it.
from trying 2 network schema, for ip :
- ip ubuntu server : 192.168.10.2/24
- ip sophos (2 interface)
port2 (as gateway ip ubuntu server) >> 192.168.10.1/24
port1 (interface connect to client) >> 192.168.1.2/24
- ip client : 192.168.1.1/24
- ip vm esxi : 192.168.1.5/24
summary :
1. client can ping interface vm firewall (port 1, port 2) & ip vm esxi, but cannot ping ip ubuntu (rto)
2. ubuntu can ping interface vm firewall (port 1, port 2) , but cannot ping ip vm esxi & cannot ping ip client
i have done for :
1. add static routing in sophos
2. add gateway in interface client & ubuntu
3. delete firewall rules & ACL rules in vm sophos firewall
can you help me sir for this case?
I am confused: at first you wanted to BLOCK icmp packets from client reaching the ubuntu server, now that we achieved this, you want them to get through?
You will nedd to define a firewall-rule to access your FTP-server on the ubuntu-system from your client. That's all.
And static routing on the Sophos-system is not needed, as the Sophos-VM has a leg in both networks. So the IP-routing already "knows" about these two networks. The rest was already correct, the clients has to have 192.168.1.2 as gateway and the ubuntu-server has to use 192.168.10.1 as gateway.
You are almost done.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.