This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM install without NAT

Hi everyone!

I'm in the process of setting up Sophos UTM for my home network, but I've run into a few configuration issues.

I've been allocated a /24 for my own use. As such, I'd like to avoid using NAT, and instead have the Sophos appliance serve as a firewall and dhcp server.

I've been told that in order to achieve this, I should bridge the two interfaces (the "internal" one, and the "external one") together.

This worked fine for a few hours until the upstream router went down. At that point, devices outside of my network got a lease from my dhcp server, and became part of my internal network - oops.

Does anyone know if / how I can configure Sophos to act as a router and firewall but without NAT?

Thanks!

This thread was automatically locked due to age.

Parents

0 BAlfson over 10 years ago

Agreed, Drew, but my guess was that he was confused about that because I assume the folks in charge of the upstream router know their topology and routing.

The issue that apijnappels brought up is a different one; surprisingly, the default gateway of an interface on the UTM doesn't need to be in the netmask of the primary IP on the interface. Apparently, the programmers just assumed that they would ARP for the needed MAC address for the default gateway.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 10 years ago

Agreed, Drew, but my guess was that he was confused about that because I assume the folks in charge of the upstream router know their topology and routing.

The issue that apijnappels brought up is a different one; surprisingly, the default gateway of an interface on the UTM doesn't need to be in the netmask of the primary IP on the interface. Apparently, the programmers just assumed that they would ARP for the needed MAC address for the default gateway.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data