
NAT of Broadcast UDP with UTM

Challenge:

I have a "device" on a remote network connected to a UTM via a RED. This device outputs UDP packets as broadcast on that local network. The server that normally forwards them is down (remote, not very easy to get online - but will be up eventually).

Temporary work around:

I then (from the Live Log Firewall) realized the broadcast UDP traffic is forwarded to the UTM, since it shows up in the firewall log. I have tried to create a DNAT rule to forward the broadcast UDP packets to a particular host on my local network, but get "The NAT rule object cannot use interface broadcast address objects for the traffic destination attribute when using this NAT mode." The NAT mode it refers to is DNAT. Is there any way of getting the UTM to forward the UDP packets it is receiving on a broadcast address?

Challenge with UTM:

Is there any way of making a UTM forward packets it receives as broadcast to a single host, or .... something?
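The thread never gets the UTM itself to do this, but the function being asked for (receive datagrams sent to a broadcast address, hand each one on to a single host) is easy to provide in userspace on any machine that sits on the broadcast domain, such as a VM placed on a bridged segment. The relay below is an added example written for this page, not code from the thread or from Sophos; the port, the collector address, and the source subnet are constructed placeholders. It binds on all addresses so both limited (255.255.255.255) and subnet-directed broadcasts are received, forwards only datagrams that come from the expected LAN and are non-empty and not oversized, and sends them on as unicast UDP. The original server forwarded over TCP; swapping the output socket is the only change needed for that.

```python
"""Userspace relay: receive UDP broadcasts on one port and forward each
datagram unchanged, as unicast, to a single host. All addresses and the port
are constructed placeholders for this example."""
import ipaddress
import socket

LISTEN_PORT = 5005                                        # assumed: port the device broadcasts to
FORWARD_TO = ("192.0.2.10", 5005)                         # constructed: the collector host
ALLOWED_SOURCE = ipaddress.ip_network("192.168.50.0/24")  # constructed: the remote LAN behind the RED
MAX_PAYLOAD = 1400                                        # drop anything larger than a typical MTU payload


def should_forward(src_ip: str, payload: bytes,
                   allowed: ipaddress.IPv4Network = ALLOWED_SOURCE,
                   max_len: int = MAX_PAYLOAD) -> bool:
    """Forward only non-empty, non-oversized datagrams from the expected source LAN."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False
    if addr not in allowed:          # also False for an IPv6 source against an IPv4 network
        return False
    return 0 < len(payload) <= max_len


def open_listener(port: int = LISTEN_PORT) -> socket.socket:
    """Bind on every local address so broadcasts to 255.255.255.255 or to the
    subnet broadcast address both arrive on this socket."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("", port))
    return s


def relay_once(listener: socket.socket, sender: socket.socket,
               forward_to=FORWARD_TO, allowed=ALLOWED_SOURCE) -> bool:
    """Receive one datagram and forward it if it passes the filter.
    Returns True when a datagram was forwarded, False when it was dropped."""
    payload, (src_ip, _src_port) = listener.recvfrom(65535)
    if not should_forward(src_ip, payload, allowed):
        return False
    sender.sendto(payload, forward_to)
    return True


def run(forward_to=FORWARD_TO) -> None:
    """Relay forever; the source filter is the only thing deciding what is passed on."""
    listener = open_listener()
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    while True:
        relay_once(listener, sender, forward_to)


def loopback_selftest() -> bytes:
    """Exercise the relay on 127.0.0.1 with ephemeral ports (no broadcast needed)
    and return what the collector socket received."""
    collector = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    collector.bind(("127.0.0.1", 0))
    collector.settimeout(2)
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 0))
    device = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    device.sendto(b"telemetry", listener.getsockname())   # stands in for the broadcasting device
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    relay_once(listener, sender, collector.getsockname(),
               ipaddress.ip_network("127.0.0.0/8"))       # loopback allowed only for the self-test
    data = collector.recvfrom(65535)[0]
    for s in (collector, listener, device, sender):
        s.close()
    return data


if __name__ == "__main__":
    run()
```

Run it on the host that shares the broadcast domain with the device; nothing on the UTM changes, which is why this works where the DNAT rule was refused. The source-subnet check matters: a relay that forwards any broadcast it hears will happily pass on traffic from the wrong segment once the bridge is in place.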



  • BAlfson said:

    Hi, Vegard, and welcome to the UTM Community!

    The only way I know to do this is to bridge the LAN behind the RED to your internal LAN.  Is that possible?

    Cheers - Bob

    No, bridging my RED with my LAN is not possible due to IP differences.

    But, this is a very interesting idea. I do have a vacant network port on my UTM.

    I'll try to Bridge my RED with one of the vacant network ports, and provide that to one of my VM hosts.

    It will in effect be what you proposed, but just on a "new" LAN towards one of my VM hosts. Seems possible.

    I'll test this and see if it is feasible, and if the broadcast is passed through (it should be, I guess, with bridging).

    I'll post the results back.

    Thanks for the tip!

  • Hi,

    Would like to thank Bob for the suggestion that put me down the right path.

    Bridging was the magic component that was required.

    I thought I'd provide a bad sketch of the setup.

    ISP A - 4G WAN Router (DHCP, with local network.)   (On this network I have "placed" a RED; it is not inline, just there. Its primary purpose is getting me into the network.)

    -On this network there is a device outputting broadcast UDP.

    -There was also a dedicated server forwarding that UDP data to another destination through a TCP connection. (Server crashed...)

    ISP B - UTM (Multiple networks)

    Temporary fix:

    Basically, I bridged the RED with a free NIC on the UTM and provided that to a machine locally at Site B (ISP B location).

    I have never used bridging before, so I realized I needed to configure a firewall rule for the broadcast traffic.

    Also, the UTM interface to the RED was disconnected when creating the bridge, so it needed to be reconnected to the bridge.

    In the flux I had also not noticed that the network in question (RED) was a VLAN setup. Found a fix for that.

    Temporary forwarding of the data has been re-enabled, and everybody is happy.

    Thanks for the suggestion, and the help!

    Vegard