
Issue with connecting 2 internal networks

Hello all,

I am a bit of a newbie when it comes to the Sophos UTM 9. I recently stood up Sophos on my home network and pretty much got the initial setup running the way I want. The setup is as follows:

Cable modem - Sophos - switch. I have a wireless access point connected to the switch. The internal network is on 192.168.xxx. My internal to external traffic is getting filtered through the firewall just fine.

Recently we had an alarm system put in with cameras that run on their own network (172.16.xxx). The alarm system connects to my wireless AP and works for the most part. The one piece that does not work is accessing the camera network via the alarm company app. This prevents me from being able to monitor the live camera views. I have bypassed the UTM and proven that the app does work and that I can view the cameras without the Sophos in place.

My understanding from the alarm company is that there apparently are 3 ports on the cameras that need to be open for the app to work. In reading other posts I have tried to create static routes between the internal network and the camera network and have added corresponding firewall rules with no luck. My question is: is this the right direction or am I way off the mark? Is there a suggested reference I can look at for this type of issue that I just haven't found yet?

Thanks in advance,

Scott



This thread was automatically locked due to age.
  • What we are missing here is info on how exactly your AP is configured.

    • You say the alarm system is connected to the AP. Where is your AP connected? In your internal network or in your Alarm network?
    • How is your alarm network connected to the UTM? On a separate interface or through VLAN on the same interface as your internal network?

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • At this point the alarm system is not connected to the AP in question. It is currently on another AP on my internal network. Unfortunately some of its capability wants to be on a 172.16 network, which is what is driving this new alarm interface. I have another device connected to the AP on the 172.16 to test connectivity. Once I have the 172 network working then I will move the alarm system over. The test device is connected to the AP and the AP is plugged directly into the NIC that is supporting the 172.16 interface. Here is a crude drawing of the configuration:

     

     

    Thank you

  • What happens when you plug in the test device directly to the 172.16.x.x interface? Does the test device have internet access in that case? You could check this to see whether you'll have to search in the AP or in the UTM.

