This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM in a DMZ. NAT rule?

I'm trying to configure a UTM whose WAN interface is connected to the DMZ port on a VoIP box. The UTM's external IP is 10.40.x.x instead of the public-facing IP from the ISP. How do I configure NAT (or whatever else) so that the DMZ hop is transparent to the internal network?

For example: I'm unable to connect to the UTM WebAdmin console from outside the network using it's public address and from the inside I'm unable to access my other UTM's WebAdmin consoles using their public addresses.

This thread was automatically locked due to age.

Parents

0 UrsWeiss over 11 years ago

Hi,

Good security devices have to be configured. They start with a configuration which is most likely as secure as possible.

Double-NAT is not really a best practice (more a "can't be done different"). I would recommend to move the VoIP box behind the UTM as Barry mentioned and create needed firewall rules for it.

From the inside you should use the internal IP of the UTM.

Your reseller should be able to help you with your setup. You may should ask him.

Regards
Urs
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 UrsWeiss over 11 years ago

Hi,

Good security devices have to be configured. They start with a configuration which is most likely as secure as possible.

Double-NAT is not really a best practice (more a "can't be done different"). I would recommend to move the VoIP box behind the UTM as Barry mentioned and create needed firewall rules for it.

From the inside you should use the internal IP of the UTM.

Your reseller should be able to help you with your setup. You may should ask him.

Regards
Urs
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data