Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 2 subscribers
  • Views 3190 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Full NAT not working on bridged Interface BR0 (Internal LAN)

ALTEMO
Hello,
I have the following problem with a installation of UTM 9.102-8

I have the internal Interface BR0 which is a bridge over eth0 and red13.
We do this because we need to forword EIB Electro Bus signals to another Building.

Now I have a Full NAT.
From: Any
Service: TCP 8010
To: WAN Adress

Destination Translation: Electro Server (192.168.153.90)
Destination Port: TCP 80

Source Translation: Internal Adress

This rule worked in 8.309 and 9.005, now with 9.102-8 it does not work anymore.

As soon as I delete the bridge, it works again.
After recreating the bridge nothing happens anymore.

I can see in the Webfilter that the NAT Rule is applied, but nothing happens.

How can I fix that?
Seems to be a problem with the UTM Software? 

Please help.


This thread was automatically locked due to age.
Parents
  • 0
    Altemo perhaps you've run afoul of what I call Rule #3:

    Never create a Host/Network definition bound to a specific interface.
    Always leave all definitions with 'Interface: >'.


    You can have routing problems if the Host definition for your Electro Server is bound to the Internal interface.  I have a funny feeling that V9 still has issues with bridged interfaces, but I don't think your problem is related.

    Cheers - Bob
    PS It's a good habit to leave a field empty if you're not making a change (port 8010).

Reply
  • 0
    Altemo perhaps you've run afoul of what I call Rule #3:

    Never create a Host/Network definition bound to a specific interface.
    Always leave all definitions with 'Interface: >'.


    You can have routing problems if the Host definition for your Electro Server is bound to the Internal interface.  I have a funny feeling that V9 still has issues with bridged interfaces, but I don't think your problem is related.

    Cheers - Bob
    PS It's a good habit to leave a field empty if you're not making a change (port 8010).

Children
No Data