Hi all, how's it going?
To set the scene, I'm in the process of upgrading the network for a small business. The business currently runs Small business Server 2003. It has 'Webmarshal', 'Mailmarshal' and Sophos apps running on the server to control web access, spam and AV. The licenses are about expired, so I've gone for a Sophos UTM 9. The server is going to be replaced before long too.
The server sits behind a Sonicwall firewall, which access the net through a cisco 800 series.
I aim to replace the firewall with the Sophos unit, then replace the server down the line.
So I put some hours in yesterday, and encountered a few issues:
1) I need to understand the bridging of ports with the UTM a lot better. When I first configured the UTM at home, I had it sat on my home network.
I plugged the WAN connection to my home router and went through the config. Connecting to the LAN port, I was able to have my web access controlled by the UTM device in no time. This wasn't the case at all when I arrived at the business, with it taking some work to get internet traffic into the network.
In the end, I had the LAN port set up with an internal IP address connected to the switch, which I was loath to change for fear of losing access tot he device when on site, then the WAN port bridged with port 2 (Labelled DMZ) to get traffic passing through. With this, the network had internet access that was controlled by the UTM.
I'm sure this wasn't right, though, so how to I properly bridge the WAN connection to the LAN? I'm a little confused by the setup with the 800 series, too. The old firewall listed a second, public IP for the Cisco - it had a specifc field for it. I believe I had to have this as the gateway address in the bridging configuration. I'll try to draw a rough diagram of it (made up IPs):
ISP
|
|
Cisco 800 (Public IP: 211.20.0.10)
|
|
UTM External (Public IP: 211.20.0.11)
UTM Internal (IP: 192.168.50.1)
|
|
Switch
|
|
SBS 2003 server (IP: 192.168.50.10)
2) I think it's related to the above, with email traffic not getting through, but as it stands with the 'Webmarshal' software on the Exchange server itself (!!) the 2003 Exchange is currently configured to point to a 'smart host' of itself at 127.0.0.1, in order to filter its own email traffic.
The sophos guides are pretty simplistic, insofar that they tell you how to point to your Exchange server and what domains to expect emails to, but I need to know the Exchange side configuration in order to get the mail flow working.
Yesterday, I was removing the smart hosts localhost pointer, and setting that to the UTM (192.168.50.1, above), but I wasn't seeing any email traffic coming in or out of the UTM, though the 'Mailmarshal' app stopped seeing emails, so I'm pretty sure they were going out correctly.
I've got a feeling that with my odd setup with the bridged ports, that email wasn't passing through the UTM properly.
Any assistance very much appreciated - thanks in advance!!
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
