Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 5 subscribers
  • Views 4260 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Access to WEBADMIN UTM on Local Area Network

Fausto Cepeda

Greeting,

What do I need to do to access WEBADMIN which does not sit on the local network? 

Everything works on the UTM 9 .. it's great, but every time I need to configure, I have to physically connect to the box directly.. Bummer.

Basically its like this:  Wifi&lan Router,  DHCP 192.168.1.x   ,, every one connect connects here.  The WAN side of this  Wifi router connects too the UTM 9 Firewall by DHCP   

Webadmin is on 90.0.0.250 (Static IP) DHCP serves 1 ip address (90.0.0.251.

FIBER AT&T External WAN  (Dynamic IP).

 

 

 



This thread was automatically locked due to age.
  • 0 in reply to Fausto Cepeda

    Hello Fausto,

    what's the reason to use that DLINK at all?

    Is this for WiFi?

    Is it that you don't have a LAN-switch at home?

    Regards from Germany,

    Philipp

  • 0 in reply to jprusch

    It's one of those high-end dual band wifi 1200mbs, with 8 1gig ports, QOS, VPN .etc...etc. extended range.  I game and stream. My cable is 1gb speed

  • 0 in reply to Fausto Cepeda

    OK, I see.

    Is that WiFi network bridged to the LAN? I mean, do you have the same network addresses on both segments?

    What disturbs me is that pseudo public IP you are using as a transfer net between DLINK and the UTM.

    I know, that you did this to avoid having configuration effort with the DLINK, because it expects a public IP on the WAN side. I guess it auto-establishes a NAT between LAN and WAN and sets a defaultroute for all LAN-members to the WAN-interface as Gateway. Right?

    Funny enough, the 90.0.0.250 and 90.0.0.251 seem to not been given out to public yet. Lucky you.

    Personally, I would reconfigure the DLINK to act as a local gateway without doing NAT. You would have to assign an IP like 192.168.2.1 /24 to the "WAN"-interface of the DLINK and 192.168.2.254 /24 to the  "internal" eth0 of the Sophos. Then 192.168.2.254 is your GW to the internet. Let the DHCP-server inside the DLINK give out addresses to WiFi and LAN with the Sophos as GW and DNS. On the Sophos setup a route to your 192.168.1.0 /24 netwotk behind the DLINK with 192.168.2.1 as the GW. That's it.

    Now you have the Sophos doing the NAT-part and can gain control with firewall/NAT-rules over this.

    The Sophos would do the DNS resolving and forwarding, use the DNS cache to speed things up and so on.

     

    Regards from Germany,

    Philipp