This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec after DNAT

Hi everyone,

We have 2 UTM120 Boxes with the current V9.106 firmware.

LAN on Site 1: 192.168.151.0/24
LAN on Site 2: 192.168.161.0/24
Both Sites are connected with an IPSec tunnel.

I need to NAT ftp-packets from the Internet arriving at the WAN Port on Site 1 through the tunnel onto a server at Site 2.

However the packets do not arrive. Any ideas on that?

thx, Chris

This thread was automatically locked due to age.

Parents

0 system-partner over 11 years ago

Hi Barry,

That's interesting to hear that. They told me at the last Sophos Architect training, that the second port is completely managed by the connection helper and no separate rule is needed. Hmm...
However, I am pretty sure that I should see some initial packets in the live log on Box2 coming in.
Meanwhile I tried to run tcpdump on the LAN interface of Box2. No ftp packets are listed there.

thx, Chris
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 system-partner over 11 years ago

Hi Barry,

That's interesting to hear that. They told me at the last Sophos Architect training, that the second port is completely managed by the connection helper and no separate rule is needed. Hmm...
However, I am pretty sure that I should see some initial packets in the live log on Box2 coming in.
Meanwhile I tried to run tcpdump on the LAN interface of Box2. No ftp packets are listed there.

thx, Chris
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data