Block of IP Addresses

Hello,

 

I own a block of IP addresses and I would like to NAT them over the network. Right now, for each IP address that I want to NAT, I first create an additional IP address in the interfaces, assign it to the right interface, and then I create the NAT rule with the automatic firewall rule.

That works, but that can be very painful as I manage over 150 different IP addresses. Is there any other way that I can do the interfaces so it can understand that in a specific range (using the subnet of course) will know the IP addresses that can go through without me creating an additional IP address every time?

 

Thanks.



  • Yes, Vasilieos, there is a more-elegant approach.  Add an interface with your subnet and have your ISP route the subnet over your primary IP.  Now, you can put public IPs on the servers in a "Public DMZ" LAN protected by the UTM.  Note that this assumes that the UTM's WAN interface does not have a subnet that overlaps with that of your new DMZ.

    Eventually, you may indeed want to use a private subnet for your servers with Webserver Protection.  Note that this can be done with a single public IP as each Virtual Server can be for a unique FQDN that is managed on one or more internal servers.  Yes, this can give you load-balancing or fail-over for Real Servers defined in Webserver Protection.  There is a straightforward method for managing such a transition.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA