UTM: 9.207019
SUM: 4.2 (and 4.0)
I've set up a UTM at the same site as our SUM 4.2, deployed the various defs & rules to it, then moved it to its intended site with final tweaks to interfaces as required. All is well at the new site, except that the UTM cannot communicate with the (now remote) SUM 4.2. It can communicate with an older SUM 4.0 at another remote site (in legacy mode of course).
Both SUMs allow access from 0.0.0.0/0, and both are accessible to other UTMs we have at various sites.
The UTM can ping the SUM 4.2. None of the rules previously deployed to the UTM should prevent access to the SUM 4.2.
The UTM claims -
[1] SUM SSL-connect: 'IO::Socket::INET6 configuration failed'.
The UTM firewall log shows -
2014:10:02-11:32:20 eputm001-1 ulogd[7020]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth1" srcmac="0:1a:8c:f0[:D]7:41" srcip="10.240.78.148" dstip="10.240.68.41" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="37060" dstport="4433" tcpflags="SYN"
- where 10.240.78.148 is the WAN interface and 10.240.68.41 is the remote SUM 4.2
I'm fairly new to Sophos products, but it seems to me that the UTM is default dropping traffic to the SUM 4.2, despite there being rules in place to allow such traffic, both in the rules previously deployed to the UTM, and in a temporary user-defined rule (any/andy/any).
So, I'm a bit puzzled by this. I'd like to wipe the UTM and start afresh from a bare-metal install, but it's now in use and at a remote site, so I'd prefer to fix it in the background if at all possible.
Any suggestions?
ps This is a fully routed scenario - there's no NAT involved.
This thread was automatically locked due to age.
