Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 2 subscribers
  • Views 2543 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Help Connecting Two Different IP Block

JoeyPH
Scenario

I have two IP Block which is 10.100.10.0/24 and 10.100.20.0/24 i want to connect them and share files and  Folder.

Where should i start ? 
here is my config 
Eth1 = 1.1.1.1 (sample ISP IP)
Eth2 = 10.100.10.0/24
Eth3 = 10.100.20.0/24

Thanks in advance for your Help !


This thread was automatically locked due to age.
  • 0
    Create 2 firewall rules allowing CIFS (or whatever service you are using), DNS and possibly NetBIOS between eth2 (Network) and eth3 (Network) and vice versa.
    If it doesn't work, have a look at the firewall log for blocked packets between these networks.
    Also check the IPS log for troubleshooting.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0
    If both are trusted networks and from same company you could consider allowing all traffic (any) between the subnets.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0
    Create 2 firewall rules allowing CIFS (or whatever service you are using), DNS and possibly NetBIOS between eth2 (Network) and eth3 (Network) and vice versa.
    If it doesn't work, have a look at the firewall log for blocked packets between these networks.
    Also check the IPS log for troubleshooting.


    Thank you for the respond .. 
    I've also create Firewall Rules
    Sources                         Service                        Destination
    Eth2-10.100.10.0/24        ANY                            Eth3-10.100.20.0/24
    Eth3-10.100.20.0/24        ANY                            Eth2-10.100.10.0/24
    Doesnt work .. 

    In IPS (No data is available for this report)
    ------------------------------------------------------------
  • 0
    Hi, Joey, and welcome to the User BB!

    What do you mean by "Doesnt work" - what do you see that makes you draw this conclusion?

    Cheers - Bob
    PS When presenting a problem, please always remember to state the precise version of UTM - 9.106-17?
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    @BAlfson, Thank you for the warm welcome..

    what i mean is still cant browse the other user in different subnet..
  • 0
    what i mean is still cant browse the other user in different subnet.. 

    OK.  You know what that means, but the rest of us would have to guess. [;)] See How To Ask Questions The Smart Way

    Also, try #1 in https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22065.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Hi, have you checked the logs?
    The 'report' message doesn't seem like the log.

    Barry
  • 0
    2013:11:19-00:00:30 SOPHOS-1 ulogd[4535]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth3" srcmac="0:8:a1:4a:28:fd" dstmac="0:1a:8c:33:5b:98" srcip="10.100.10.150" dstip="10.100.20.20" proto="17" length="72" tos="0x00" prec="0x00" ttl="127" srcport="52136" dstport="161"

    here's the log file
  • 0
    That line indicates that the packet was dropped because there was no firewall rule allowing it. 

    Please [Go Advanced] below and attache a picture of the firewall rule you think should allow this traffic. 

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Attached Screenshot Firewall Rule that I created
    Name based on the Network Assigned
    Thank you so much !
Cookie Information Banner