This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM and Cisco ASA 5005 NAT/routing

Hi, Our enviroment My LAN= 192.168.157.x and 3 computers (192.168.157.1 to 3) Customer LAN 2.14.224.x My Sophos UTM has 192.168.157.70 ip and an interface with 172.16.0.3 which is a exchange LAN created between out both LAN networks Cisco ASA has 172.16.0.1 and some objetcs defined NAT, for example: PC1 192.168.157.1 at ASA 172.16.0.1 and then, a rule to route traffic to 2.14....network At my Sophos there is a SourceNAT wich translates source ip 192.168.157.1 to 172.16 network changing to 172.16.0.1(in this case) Of course there is something wrong because I can not ping or telnet ports from my computer at 192.168.157.x Any ideas? Reagards

This thread was automatically locked due to age.

Parents

0 BAlfson over 9 years ago

Edgar, you should only need a firewall rule to allow traffic between subnets defined on UTM interfaces. All of the routing is done automatically by WebAdmin and the Configuration daemon, so your NAT rule is only needed if you've made a misconfiguration elsewhere.

Pinging is regulated on the 'ICMP' tab of firewall.

It's always a good idea to start troubleshooting with #1 in Rulz.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 9 years ago

Edgar, you should only need a firewall rule to allow traffic between subnets defined on UTM interfaces. All of the routing is done automatically by WebAdmin and the Configuration daemon, so your NAT rule is only needed if you've made a misconfiguration elsewhere.

Pinging is regulated on the 'ICMP' tab of firewall.

It's always a good idea to start troubleshooting with #1 in Rulz.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data