So, I installed and have been playing around with Sophos UTM 9 for some days now--had never even heard of this prior to a week or so ago. I have the limited small business version running on an old Dell Optiplex 755 box.
I do not have managed switches so I can't do vlans, but I wanted a way to block certain areas of the network from others. So instead of creating two /24 networks, I created one /23 and will manually separate the hosts (via static dhcp entries) on one half of the network or the other.
e.g. 192.168.0/23; so I would make one "network" 192.168.0.0 and the other 192.168.1.0.
For the life of me, I cannot get the first half of the ip range to NOT have access to the second half. Is this just not possible? Or am I missing something?
What I have done: Setup two ip ranges and then created a firewall rule stating that if any host within range 1 using any service tries to access a host within range 2, the packets should be dropped. I then put this at the top of the firewall list. However, I can assign a laptop an ip in the range 1 scope and it still is able to access a network share on a desktop within the range 2 scope.
Can anyone let me know what I might be missing??
Thanks very much in advance kind sirs and ma'ams
This thread was automatically locked due to age.
