Cannot get WAN connection on UTM9

Hi and welcome,

do you have the modem in bridge mode?

I assume you are using ADSL2+ connection, so you need to set the UTM interface PPPoE or PPPoA.

Ian

Hi Ian and thanks for your reply. I don't currently have the modem in bridge mode as I wasn't sure it was necessary and I found no information anywhere to say I should. As I said I am new to this and these are suggestions I need to try. I was hoping that UTM would just function as a firewall and I could leave my modem/router as it was. I am currently on ADSL2+ but not for much longer as I will be switching to gigabit fibre. I read somewhere that I should set the UTM interface to Ethernet and I had already unsuccessfully tried both PPPOE and PPPOA so if I did bridge the modem than I assume the UTM would be PPPOE. Anyway, I'm not sure what it takes to bridge this particular modem although I have done it with a previous device setup. My router is currently on a 10.9 IP range and someone told me the firewall should be on a different range. I have tried it both ways with no success. The Youtube clip I saw demonstrated the setups for both NICs and it showed how easy it was to set the WAN side up, click renew and refresh the page and it connected. I tried the same and got nowhere.

Hi,

i am jealous, I am stuck on a good day with a 5mb/s download.

Using ADSL2+ the modem will have a rfc bridge mode or something similar. The UTM then has the external interface setup for PPPoE with your userid and password supplied by ISP. That will get the UTM access to the internet, not you or any users.

Next step is to go through the basic setup steps.

1/. install your licence.

2/. setup a firewall rule like this - internal network -> any port -> any network -> allow -> log

3/. setup a NAT rule MASQ internal network to external interface.

4/. setup a DHCP server on the internal network. At this stage depending on how you setup the UTM the internal network will have default address.

A simple explanation that should be enough to get you going and the UTM updated.

Ian

Thanks again. This principle I understand as my previous setup involved a Draytek modem/router in bridge mode and a Linksys EA 6900 as a router running PPPOE and it worked fine. Bridge mode on the Draytek was pretty much a one click affair. My bandwidth with this setup was around 14.5Mbps and it is the same with the new modem. .The forthcoming upgrade to fibre came with a free (almost) Fritzbox 7490 - top of the range - I couldn't resist it. While I am waiting on the fibre in a couple of weeks  I thought I may as well put the Fritzbox in on ADSL just to get my head round the way it functions, especially with all the on-board telephony.

The basic setup steps have already been done on the UTM. License is installed, Firewall is set as you say, NAT is set as you say. I left the DHCP server off as the one in the Fritzbox was doing the job. Are you saying that I have to use the UTM as a router and can only use the Fritzbox in bridge mode? I'll need to check with the Fritz people and see how bridge mode affects the telephony and how I can do bridge mode. I did have to run the Draytek and Linksys on different subnets to function (although I don't know why).

the fritz box is on the outside of the UTM and therefore does not pass an IP address in to the users.

Ian

So the bottom line is, there is no way to tunnel the WAN address through without bridge mode?

If your external interface (ISP) address has a range of addresses then yes, but if you only have one address no, because you need all ports and protocols for the UTM.

Ian

OK. I had a poke through the Fritzbox interface and it looks like there is a straightforward way of putting it in bridge mode. I've emailed their support to confirm.

Thanks for all your advice Ian. Hopefully I'll have it all up and running soon. It's a great piece of software (especially for the free cost) and it's time to move on from the software programs I have been using. They've done the job but this is the way forward.

Hi Ian. I don't know if you are still around but I thought I'd pass this on to you. I was never 100% sure that I couldn't use the SophosUTM as previously described and so I went back to Untangle which worked in this way before and it all went well. What it offers is a transparent bridge mode meaning you can pop it inline between the existing router and LAN without disruption which is exactly what I need.. So, I did some research and discovered it is possible to do the same with the SophosUTM. It differs from Untangle in that it requires 3 network cards:

http://www.fastvue.co/sophos/blog/easily-evaluate-sophos-utm-9-3-using-full-transparent-mode/

I haven't tried it yet but it seems to make sense and when I get myself another NIC card will give it a shot.

Cheers

Lyn

Hi Lyn,

the UTM will work in bridge mode (wire). I have never tried the configuration, but from experience with other products in bridge mode it should pass the address across to your LAN. The fritz box would provide the IP addresses and the UTM provide the security.

Ian