Routing Statements

Hey everyone,

 

I have an XG 330 here and I'm trying to figure out how to do a simple static route such as

Source >> Dest >> Gateway

192.168.1.0 255.255.255.0 >> 192.168.2.0 255.255.255.0 >> 192.168.2.1

It seems as though when I go to the routing tab I don't really see this option anywhere. Is it done within the firewall rules area?

 

Thanks!



This thread was automatically locked due to age.
  • Hi Tommy,

    Would you not be able to build this under Routing > Static Routing?

    Thanks,

    Karlos

  • Hi,

    When I try this guide it pops up a dialogue saying that "Gateway IP and interface IP must be in the same network". When I put them in the same network it instead pops up a dialogue saying that "Gateway IP adress must be different from interface IP Adress".

  • Seems that is wrong config. If you want to access 10.0.1.0 network through another router or a bb switch you need to write it as follows

    I want to access : 10.0.1.0/24 network

    My next hop will be : 10.0.2.2 (backbone)

    backbone is connected to : Port 2 with an ip address of 10.0.2.1

    On this config, your next hop device must be in same network with connected port and must be different ip addresses on same network. Else you will have an ip conflict.

  • ErenERTAS, thanks for your reply!

    I have three interfaces in my Sophos XG FW.

    Port1 for client network, called internal (10.0.1.0/24)

    Port2 for virtual servers, called backbone (10.0.2.0/24)

    Port3 for WAN with fiber connection and DHCP.

    The nets are connected through the XG firewall and nowhere else. The routing therefore needs to happen through the XG FW. In Sophos UTM I did this by creating static routes between the nets that I then added security on top of. I then pointed out the UTM Interfaces as gateways in the respective nets.

    I want to make a similar routing setup with XG FW, but haven't succeeded.

    Routing and MASQ from both nets to WAN works fine. Routing between Internal and Backbone is not working.

    Any advice?

  • If you don't have any core switches, any manageable layer 3 switches or routers that manage your intranet routing, then you don't need routing. Sophos can route all traffic directly connected to itself. But the point is you need to allow it manually by writing firewall rules from LAN to DMZ and from DMZ to LAN, or from/to LAN to LAN, to allow that traffic to pass.
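
The checks discussed in this thread, as an added example that is not part of the original posts and is not Sophos code: a pre-flight validator for a proposed static route that applies the two dialogue conditions (gateway in the interface's network, gateway different from the interface IP) and flags destinations that are already directly connected. The function name, the Port1 address 10.0.1.1 and the remote network 10.0.3.0/24 used in testing are assumptions.

```python
import ipaddress

# Constructed interface table based on the addresses mentioned in the thread.
# Port1's address 10.0.1.1 is an assumption; the thread only gives its network.
INTERFACES = {
    "Port1": ipaddress.ip_interface("10.0.1.1/24"),
    "Port2": ipaddress.ip_interface("10.0.2.1/24"),
}


def check_static_route(destination, gateway, out_port, interfaces=INTERFACES):
    """Return a list of problems with a proposed static route (empty = OK)."""
    problems = []
    dest = ipaddress.ip_network(destination, strict=True)
    gw = ipaddress.ip_address(gateway)
    iface = interfaces[out_port]

    # The next hop must be reachable on-link through the chosen interface.
    if gw not in iface.network:
        problems.append("gateway not in interface network")
    # The next hop is another device, so it cannot reuse the interface address.
    elif gw == iface.ip:
        problems.append("gateway equals interface IP")
    # Network and broadcast addresses are not usable host addresses.
    elif gw in (iface.network.network_address, iface.network.broadcast_address):
        problems.append("gateway is network or broadcast address")

    # A destination that is already directly connected needs no static route;
    # traffic between such networks is governed by firewall rules instead.
    for name, other in interfaces.items():
        if dest.subnet_of(other.network):
            problems.append(f"destination directly connected on {name}")
    return problems


if __name__ == "__main__":
    # Route from the reply: reach 10.0.1.0/24 via 10.0.2.2 on Port2.
    # With Port1 already in 10.0.1.0/24, the route is reported as redundant.
    print(check_static_route("10.0.1.0/24", "10.0.2.2", "Port2"))
```

An empty list means the route passes all checks; a "directly connected" finding means the fix is a firewall rule between the two zones rather than a route.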
