Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 6 subscribers
  • Views 4494 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Routing between WAN and LAN

M.Hegazy

hello everyone one

i have Sophos UTM 9 built on ESXI host

and one Managed switch

on the switch i created 3 vlans

vlan 10 - for WAN interfaces (have three wan links)

vlan 20 - users

vlan 30 - guests

everything is working just like i want except one problem

i cant make users go to internet from vlan 30 or even vlan 20

vlan 20 interface ip 10.10.10.1

vlan 30 interface ip 10.10.50.1

vlan 10 (WAN - right now iam testing with one interface to verify the connectivity) 192.168.1.9

any suggestions for this issue ?



This thread was automatically locked due to age.
  • 0

    Hi Mohamed,

    firewall rule:
    vlan 20 interface & vlan 30 interface -> Websurfing -> internet ipv4, internet ipv6

    masquerading rules:
    vlan 20 interface -> vlan 10 interface
    vlan 30 interface -> vlan 10 interface

  • 0
    Hello Mohamed, Before we go to far up the stack to web browsing, can you provide any further detail on what testing you have done? Meaning, from the UTM webadmin>support>tools>Ping Check, are you able to select your Internet facing port and ping out to 8.8.8.8? If successful, move back one step to your managed switch, ping the IP address of your default-route as configured in your switch, if successful, still from the switch, then ping to 8.8.8.8 and so it goes. Stepping back from your edge device moving inward to your LAN connections. If the routing/Layer3 functionality isn't working fix that, then move to name resolution (DNS) to determine further your ability to reach the Internet by browser. todd
  • 0 in reply to ManuelAbeledo

    wow thats worked like charm

    but i created the masquerading rules and it did the work

    now i can access the internet from both vlans BUT the ping is to HIGH

    anyway

    after applying the masquerading  rules like you said i still can apply rules on the network use like speed limitation and web filter on both vlans

    right?

  • 0 in reply to M.Hegazy

    Hi, Mohamed, and welcome to the UTM Community!

    Please insert pictures of your WAN interface definitions and of your masquerading rules.

    Cheers - Bob

  • 0 in reply to BAlfson

    Hi Mohamed,

    Bob said it, to find out the issue of the high ping, pictures please ;-)

    Of course you can apply rules like speed limitation (or e.g. allowed daytimes) and/or web filtering. But let us first resolve your ping issues ;-)