Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 12270 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Dropped packages and Firewall violations even though Allow All rule

AdrianFöder

Hey everyone,

we have an SG 105 on the main branch, network is 192.168.42.x and a RED 15 on a subsidiary branch which is 192.168.9.x

The RED serves fine DHCP on 192.168.9.128 until 254.

Being on the remote subsidiary, I am able to for example ping 192.168.42.65 and 192.168.42.1, I also am able to log in to the main SG 105. Tracert is nicely routed via the RED host.

We now try to get to our telecommunications device which is on 192.168.42.20 but no connection is possible. It is exactly the same way connected as .65 or .1 as mentioned above.

Is it possible that there are additional FW restrictions active? Why? I have an allow from all to all (Hummelbühl 9 is the RED NW):

 

but for example the following log entries:

Why is that? What can I do further?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    Did you mean, you can communicate with 192.168.42.65 and 192.168.42.1 from 192.168.9.x network? RED is deployed in which mode? Which is the RED device and what is the configuration for RED in UTM?

    Please post the required details with screenshots.

    Thanks

  • 0 in reply to sachingurung

    Hi,

    exactly what you've said: .42.65 and .42.1 (for example) is possible, while .42.20 is not, FROM RED's 192.168.9.x location. Just to exclude potential mistakes: yes, both are ping'able etc. from the immediate network.

    RED is deployed in.. Standard/Unified? The one where *all* traffic, even Internet, is routet through the "mother" UTM.

    See the following screenshots:

    Thank you very much for your assistance,

    Adrian

Reply
  • 0 in reply to sachingurung

    Hi,

    exactly what you've said: .42.65 and .42.1 (for example) is possible, while .42.20 is not, FROM RED's 192.168.9.x location. Just to exclude potential mistakes: yes, both are ping'able etc. from the immediate network.

    RED is deployed in.. Standard/Unified? The one where *all* traffic, even Internet, is routet through the "mother" UTM.

    See the following screenshots:

    Thank you very much for your assistance,

    Adrian

Children