Hi guys,
I am quote familiar with Astaro/Sophos UTM and helped someone swap out a an older ASA that was breaking with Sophos UTM 9.
They have multiple public addresses from their ISP. I setup the WAN interface with their IP, Subnet and GW. It can be pinged from an external source and packet filter rules work as expected.
I then setup an additional address on the WAN interface, i can see it come up and it also is listed when using "ip addr" in the shell. I can ping it from inside the network no problem.
It doesn't respond to pings from an external network (this could be the same as say a SonicWALL which also does this), or like the ASA which responds to ICMP. I also tried a packet filter rule to allow pings, but no luck.
Thinking it was like the SonicWALL and that is doesn't respond, I created a DNAT rule to a simple web site internally but this fails and there are no drops i the packet filter logs.
I also tried using /32 subnet mask on that additional address.
Any ideas?
This thread was automatically locked due to age.
