hi
i'm trying to setup Sophos UTM 9 to handle my 2wan-1lan connections, and before sophos i tried pfsense with the same result.
Scenario:
i've Sophos UTM 9 with firmware 9.108-23 on a vmware machine with 3 virtual nics
eth0 LAN : ip 10.0.0.252 (LAN IS 10.0.x.x)
eth1 WAN ISP 1 : ip 1.1.1.1 with GW 1.1.1.254
eth2 WAN ISP 2 : ip 2.2.2.2 with GW 2.2.2.254
Exchange server: 10.0.0.3
i've disabled all services on UTM, besides Firewall and Network Visibility, for testing.
Uplling balancing is active with both WAN connections, and Multipath Rules are:
Any->Web Surfing->Any->Uplink Interfaces (By Connection))
Any->SMTP->Any->Uplink Interfaces (By Dest)
Any->DNS->Any->Uplink Interfaces (Balance Indivually)
Any->Email Messaging->Any -> Uplink interfacs
i can navigate from lan to internet using multiple links
In firewall rules i've setup a
Any->Email messages + owa -> 10.0.03 (using an alias)
I need to be able to forward "Email Messages" and "OWA" ports to the internal exchange
i have tried:
DNAT
Any->Email messaging->WanIsp1
Dest 10.0.0.3
DNAT
Any->OWA->WanIsp1
Dest 10.0.0.3
then added (read on some forums) also
SNAT
10.0.0.3->any->Internet IPv4
Sourc. transl. WanIsp1
FULL NAT
10.0.0.3
Internal NEtowrk->Email messaging->WanIsp1
source transl: v
but nothing works.. if i check the firewall live log, i see
NAT rule #2 :57101::80 [SYN]
when i try to open the WanIsp1 on my browser at home
or NAT RULE #1 with port 110 when i try to telnet WanIsp1 110 from my comp. at home.
there is no evendince of this "connection neither on the sophos netstat, nor i the exchange machine one.
What i'm doing wrong?
With pfSense i had the same problem.. could navigate with load balanced connection, but couldn't get any internal service exposed...
This thread was automatically locked due to age.
