Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 24 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 4219 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Creating second physical LAN but no internet access is available

Daniel Cook2

Hi there ,

relatively new to Sophos firewall however I currently have it setup at home feeding direct 100 mbit connection from the wall to my firewall with a switch that’s fully occupied under 17.16.16.1/24 ip range for a few devices and my wireless AP.

im connected another box to my port 3 on my sophos firewall which I want to use as a proxmox appliance and assigned it 17.16.16.1 range however it doesn’t get any internet at all?

what could I be doing wrong?



This thread was automatically locked due to age.
Parents
  • 0

    Do you have a firewall rule in place allowing traffic out from the new network?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I do not - is there a specific rule that I need to create ?

  • 0 in reply to rfcat_vk

    Hello,

    I have done this, and it's still not having any traffic out/in

    \

  • 0 in reply to Daniel Cook2

    The address of the promox is in a different network, did you change it to a172.16.17.0/24 address?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • +1 in reply to Daniel Cook2

    Are you using linked Nat rules? For a test please change the   Source network to 172.16.17.0/24. Also please post a full copy of your firewall rule. Next what does logviewer show when you use the refined view based on the ip address?
    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    hello,

    no I’m not using linked nat rules - how can I get the full firewall rule and paste it here?

  • 0 in reply to Daniel Cook2

    Hi,

    I see you did that above, please tick log the traffic then try a connection to see what appears in log viewer.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    There’s absolute no traffic coming out of port3 at all? I’m super confused since it’s up and the device has an ip 

  • 0 in reply to Daniel Cook2

    Where does logviewer show the ip address traffic going?
    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Time,Log comp,Log subtype,Username,Firewall rule,Firewall rule name,NAT rule,NAT rule name,In interface ,Out interface ,Src IP,Dst IP,Src port,Dst port,protocol,Rule type,Live PCAP,Message,Log occurrence,
    2022-12-16 07:24:46,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:46,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:42,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:42,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:41,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,142.251.211.234,59368,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:41,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57512,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,172.217.14.214,57510,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:40,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.31,13.224.11.97,54278,443,TCP,0,Open PCAP,Could not associate packet to any connection.,1,
    2022-12-16 07:24:39,Invalid Traffic

  • 0 in reply to Daniel Cook2

    i think i found the cause....

    Time,Log comp,Log subtype,Username,Firewall rule,Firewall rule name,NAT rule,NAT rule name,In interface ,Out interface ,Src IP,Dst IP,Src port,Dst port,protocol,Rule type,Live PCAP,Message,Log occurrence,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,N/A,,0,,Port1,,172.16.16.40,104.73.1.181,63389,443,TCP,0,Open PCAP,Invalid packet.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,N/A,,0,,Port1,,172.16.16.40,104.73.1.181,63389,443,TCP,0,Open PCAP,Invalid packet.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:15:27,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.23,17.248.130.7,0,0,TCP,0,Open PCAP,Invalid TCP source port.,1,
    2022-12-16 08:15:25,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.23,17.248.130.7,0,0,TCP,0,Open PCAP,Invalid TCP source port.,1,

Reply
  • 0 in reply to Daniel Cook2

    i think i found the cause....

    Time,Log comp,Log subtype,Username,Firewall rule,Firewall rule name,NAT rule,NAT rule name,In interface ,Out interface ,Src IP,Dst IP,Src port,Dst port,protocol,Rule type,Live PCAP,Message,Log occurrence,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,N/A,,0,,Port1,,172.16.16.40,104.73.1.181,63389,443,TCP,0,Open PCAP,Invalid packet.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,N/A,,0,,Port1,,172.16.16.40,104.73.1.181,63389,443,TCP,0,Open PCAP,Invalid packet.,1,
    2022-12-16 08:16:19,Invalid Traffic,Denied,,5,#Default_Network_Policy,3,#NAT_Default_Network_Policy,,,172.16.16.40,104.73.1.181,63389,443,TCP,1,Open PCAP,Invalid TCP state.,1,
    2022-12-16 08:15:27,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.23,17.248.130.7,0,0,TCP,0,Open PCAP,Invalid TCP source port.,1,
    2022-12-16 08:15:25,Invalid Traffic,Denied,,N/A,,0,,,,172.16.16.23,17.248.130.7,0,0,TCP,0,Open PCAP,Invalid TCP source port.,1,

Children
Unfiltered HTML