Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 24 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 4219 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Creating second physical LAN but no internet access is available

Daniel Cook2

Hi there ,

relatively new to Sophos firewall however I currently have it setup at home feeding direct 100 mbit connection from the wall to my firewall with a switch that’s fully occupied under 17.16.16.1/24 ip range for a few devices and my wireless AP.

im connected another box to my port 3 on my sophos firewall which I want to use as a proxmox appliance and assigned it 17.16.16.1 range however it doesn’t get any internet at all?

what could I be doing wrong?



This thread was automatically locked due to age.
Parents Reply Children
  • +1 in reply to Daniel Cook2

    Are you using linked Nat rules? For a test please change the   Source network to 172.16.17.0/24. Also please post a full copy of your firewall rule. Next what does logviewer show when you use the refined view based on the ip address?
    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    hello,

    no I’m not using linked nat rules - how can I get the full firewall rule and paste it here?

  • 0 in reply to Daniel Cook2

    Hi,

    I see you did that above, please tick log the traffic then try a connection to see what appears in log viewer.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    There’s absolute no traffic coming out of port3 at all? I’m super confused since it’s up and the device has an ip 

  • 0 in reply to Daniel Cook2

    Where does logviewer show the ip address traffic going?
    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Time,Log comp,Log subtype,Username,Firewall rule,Firewall rule name,NAT rule,NAT rule name,In interface ,Out interface ,Src IP,Dst IP,Src port,Dst port,protocol,Rule type,Live PCAP,Message,Log occurrence,
    2022-12-16 07:24:46,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:46,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:42,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:42,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:41,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,142.251.211.234,59368,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:41,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,13.224.11.97,54278,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:39,Invalid Traffic

  • 0 in reply to Daniel Cook2

    i think i found the cause....

    Time,Log comp,Log subtype,Username,Firewall rule,Firewall rule name,NAT rule,NAT rule name,In interface ,Out interface ,Src IP,Dst IP,Src port,Dst port,protocol,Rule type,Live PCAP,Message,Log occurrence,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,N/A,,0,,Port1,,172.16.16.40,104.73.1.181,63389,443,TCP,0,Open PCAP,Invalid packet.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,N/A,,0,,Port1,,172.16.16.40,104.73.1.181,63389,443,TCP,0,Open PCAP,Invalid packet.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:15:27,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.23,17.248.130.7,0,0,TCP,0,Open PCAP,Invalid TCP source port.,1,
    2022-12-16 08:15:25,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.23,17.248.130.7,0,0,TCP,0,Open PCAP,Invalid TCP source port.,1,

  • 0 in reply to Daniel Cook2

    I dont get it! still not working - so frustrating

  • 0 in reply to Daniel Cook2

    Hello Daniel,

    It looks like your routing is incorrect.

    On which port is PC with IP 172.16.16.23 connected?

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Unfiltered HTML