Sophos UTM Internal Routing

Hi,

I have not really made progress on this since it works without using our customer IP subnet. Currently, as a workaround, we are simply using Masquerading, 12.252.---.226 as the Sophos UTM WAN IP address and 12.252.---.225 as the gateway. It looks like it is possible to configure NAT rules for our scenario and add our customer IP subnet as additional IP addresses for the WAN interface. In theory this all works as long as you don't use the web filter. As soon as you use the web filter (and internal proxy I guess) the settings for outgoing IP address get ignored and the primary WAN IP address is used for outgoing traffic. I read this somewhere else in a different thread but have not really found a solution yet or a recommended way of implementing this properly. As soon as I have a solution, I will post it here.

Best,
Daniel

Here is a more detailed explanation with screen shots on how we configured this on our Sophos UTM: https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/77171/how-do-i-configure-at-t-eamis-wan-subnet-routing

As of Sophos UTM 9.5 it is still not working when the Web Protection > Web Filtering is active for a certain network or host.

Please post a solution in case you have solved for this scenario.

Here is a more detailed explanation with screen shots on how we configured this on our Sophos UTM: https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/77171/how-do-i-configure-at-t-eamis-wan-subnet-routing

As of Sophos UTM 9.5 it is still not working when the Web Protection > Web Filtering is active for a certain network or host.

Please post a solution in case you have solved for this scenario.