This discussion has been locked.
NAT (LAN-to-WAN) Not Working

 Hi Folks,

 

I am having this strange issue and hopefully I can get a good pointer in this forum. Let me start with the explanation of my XG Firewall Setup.

 

I am currently running the XG Firewall Free Edition. I am using VMware as my hypervisor and the XG Firewall VM has three vNICs as follows:

  • vNIC 1 -> LAN Port (VLAN/PortGroup 777 in the vSwitch)
  • vNIC 2 -> WAN Port (VLAN/PortGroup 666 in the vSwitch)
  • vNIC 3 -> DMZ Zone (Unused)

 

I have set up a Cisco VPN configuration and have successfully connected to the XG from my laptop. I can browse the Internet through this VPN tunnel, which also proves that my NAT (LAN-to-WAN) configuration is working. To provide more proof, I browsed to whatismyip.com from my laptop and it shows the WAN IP of my XG Firewall.

 

Now, I have another VM in my ESX and set up only one vNIC for it, in VLAN/PortGroup 777. I can ping the LAN IP of my XG Firewall just fine; however, if I try to ping the Internet, it never works. A traceroute test shows that the traffic stops at the gateway, which is the XG Firewall. The NAT configuration is completely similar to the configuration of the VPN NAT; the only difference is the source zone.

 

Please find the configuration page of the two NAT Rules in the attachment.

 

Any pointers as to why the NAT rule does not work for LAN-to-WAN traffic? Is there any specific configuration to be done in the vSwitch, Sophos Device Console, or anywhere else?

 

Hope someone could give me some pointers.

 

Thanks.

Attachment: Sophos-NAT-Problem.pdf



This thread was automatically locked due to age.