Guest User!

You are not Sophos Staff.

Thread Info
  • Locked Locked
  • Replies 6 replies
  • Subscribers 3 subscribers
  • Views 12639 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM traffic redirection between 2 UTM in different offices

fustyler

I have the following scenario:

2 offices in different countries connected via leased line directly to each other. Each office has its own UTM and Internet connection.

Now, I want certain web traffic from UTM B in office B to be redirected to the UTM A in office A via leased line and use the Internet line from Office A (instead of using internet link from Office B)

I tried adding policy route into UTM B to redirect certain IP to UTM A, and added a NAT and firewall rule on UTM A to allow Office B access the internet.  At the moment I am not having any luck - is there a simple method to do this or am I missing something?

Thanks.



This thread was automatically locked due to age.
Parents

  • Assume that the company has a content subscription at a fixed price for all requests coming from a single IP and that that IP is on the WAN port of UTM A.  Assume the content server can be reached at 66.77.88.99.

    In UTM A, configure a Web Filtering Profile with no active filtering that has, in 'Allowed networks', the IP of the primary address on UTM B's leased line connection.

    In UTM B, create a Parent Proxy definition for all traffic going to 66.77.88.99 and assign as the parent proxy the primary IP on UTM A's leased line connection.  Assign this Parent Proxy to the apprpriate Filter Action(s).

    How is your scenario different from that?

    Cheers - Bob
    PS There also is a way to build an IPsec VPN between the two sites and SNAT traffic out of UTM B's HTTP/S Proxy into the tunnel so that it can go out UTM A's WAN port, but it's more complex and would be less obvious to Sophos UTM Support if you had issues related to it.

Reply

  • Assume that the company has a content subscription at a fixed price for all requests coming from a single IP and that that IP is on the WAN port of UTM A.  Assume the content server can be reached at 66.77.88.99.

    In UTM A, configure a Web Filtering Profile with no active filtering that has, in 'Allowed networks', the IP of the primary address on UTM B's leased line connection.

    In UTM B, create a Parent Proxy definition for all traffic going to 66.77.88.99 and assign as the parent proxy the primary IP on UTM A's leased line connection.  Assign this Parent Proxy to the apprpriate Filter Action(s).

    How is your scenario different from that?

    Cheers - Bob
    PS There also is a way to build an IPsec VPN between the two sites and SNAT traffic out of UTM B's HTTP/S Proxy into the tunnel so that it can go out UTM A's WAN port, but it's more complex and would be less obvious to Sophos UTM Support if you had issues related to it.

Children
No Data