Hi all,
I think this internal routing question goes hand in hand with my problem.
At one of our new locations where we installed a new AT&T fiber optic internet circuit, we received different routing and IP information than for our other locations where we have fiber optic internet service. Usually (from Zayo, Verizon, etc.) we simply receive our IP addresses (IP subnet), a gateway and a subnet mask to configure the WAN interface with on our Sophos UTMs. At those locations and the new one we simply get fiber optic handoffs from the carriers that we run into our Sophos UTMs (with FleXi Port modules).
At our newest location where we are in the process of installing an AT&T fiber optic circuit we received the following:
AT&T Router WAN IP: 12.252.---.225/30
Customer Router IP: 12.252.---.226/30
Customer LAN IP: 12.97.---.120/29
SubNet Mask: 255.255.255.248
AT&T separates here into customer WAN and customer LAN. For us both subnets are WAN-facing, even the customer LAN portion. The customer LAN portion we actually want to use as our WAN IP addresses that we assign to our external interface. As always, internally we use the Sophos UTM DHCP service to assign internal IP addresses.
To me this looks as if I had to do some additional WAN routing.
How do I configure all this on just the Sophos UTM? If you can help, please explain the steps in detail. I do not want to install a separate additional router that is in between the Sophos UTM and the carrier handoff.
Your help is greatly appreciated!
We are really stuck here.
Best,
Daniel
Hi, Daniel, and welcome to the UTM Community!
I just finished solving an IPsec VPN problem with an AT&T uVerse Residential Gateway for a client in Memphis. The blasted device couldn't be configured as a bridge.
AT&T's solution was some sort of hybrid NAT where web accesses went out with the client's IP, but UDP 500 and pings from the client's central site were sent from the public IP of the AT&T Gateway. It took two hours of monkeying with that thing and two different AT&T support engineers before that became clear.
If AT&T can't give you a proper connection that behaves well, you will wind up wasting hours and then paying someone like me $500+ to help you figure out what's going on and then how to make things work. Good luck!
Cheers - Bob
Hi Bob,
Thank you for your response. I appreciate it. Do you have no idea at all how AT&T wants their customers to implement the scenario I described? Not even in theory? AT&T calls this product unmanaged EaMIS. As far as I know it is one of their enterprise products.
Thanks,
Daniel