First, here is what I have so far...
Sophos UTM (B) eth1 176.12.10.1/16 (GW-172.16.1.1) > Wireless Backhaul Antenna 176.12.100.101/16 (GW-176.12.1.1) > Wireless Backhaul Antenna 176.12.100.100/16 (GW-176.12.1.1) > Sophos UTM (A) eth5 176.12.1.1/16
Firewall rules and static routes are applied and work perfectly to allow the networks beyond these UTM devices to work properly in the network.
Now, I am trying to add a 2nd wireless backhaul interface into Sophos B to connect together another building. I could easily throw a small switch in there, but I have the available interfaces on Sophos B, so why not?
I first tried making Sophos UTM (B) eth2 176.12.10.2/16, but that didn't seem to work at all (couldn't connect/ping to devices attached to it from Sophos B device or any other, e.g. 176.12.100.102/16 (GW-176.12.1.1).
After some research, I saw that using a Bridge may be the way to go between these interfaces, so I did that (deleted eth2, then mixed mode, selected eth2, then converted eth1). After doing that, everything still worked exactly the same on the eth1 chain as it has been. The Sophos B device itself can now ping through eth2 to the device (176.12.100.102).
Now, here's where I am running into trouble: I can't seem to get anything to ping through from eth1 to eth2. Example: 176.12.100.101 cannot ping 176.12.100.102. I SSH'd in to Sophos B and did a tcpdump and watched the traffic. I can see the ping request go in, but no reply.
I watched several logs and made several changes with no luck. It doesn't seem IPS or the firewall is getting in the way. I'm sure there is something I'm missing here...
Anybody have a suggestion to make this work the best in the scheme I'm attempting?
This thread was automatically locked due to age.
