Access web-interface of router which is plugged to the WAN port of the Sophos UTM 9?

Hello friends,

I'm quite new to that Sophos firewall thing and spent the last few days reading through a lot of things and configuring my Sophos box. Now almost everything works as desired except for one thing: I can't access my router's web interface from the internal network. I either get a timeout or a "no route to host" error. Here's my setup:

 

ISP Router (FritzBox) 192.168.178.1 => 192.168.178.90 (WAN eth1) Sophos UTM 9 192.168.178.200 (LAN eth0) => 192.168.178.25 internal network client

 

If I try to connect to https://192.168.178.1 from 192.168.178.25, I get the timeout. 

 

What kind of setup do I have to perform to be able to connect to my router's web interface from the internal network? At the moment the only way is connecting to the router through Wi-Fi, bypassing the Sophos box. But I need the web interface to be accessible from the internal network.

 

Looking forward to any kind of solution.

 

Best regards,

Vincent

 



This thread was automatically locked due to age.
  • Hi Vincent,

    I think you need to configure LAN on a separate network as eth1 & eth0 are on a similar subnet. As the modem is directly connected to the UTM, you will need no other configurations.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Hi, Vincent, and welcome to the UTM Community!

    As Sachin said, you have a basic configuration error - see #3.1 in Rulz.

    WebAdmin creates routes based on the Interface and Additional Address objects you create.  Your configuration resulted in conflicting routes being created, but that wasn't your problem...

    When a device wants to send a packet to an IP in its subnet, it doesn't send it to its default gateway.  Instead, it does an ARP request.  In this case, the ARP request was not answered, so the OS on your PC decided that the IP didn't exist.  Another solution would be to bridge eth0 and eth1, and that would obviate this problem.  That also would avoid double NAT.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
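
The two replies above can be checked mechanically. The following is an added example, not part of the original thread and not Sophos code: it flags firewall interfaces whose connected networks overlap and models the client's choice between ARP and its default gateway. The /24 prefix length, the client's gateway being the UTM LAN address, and the renumbered 192.168.10.0/24 LAN are assumptions; the other addresses come from the question.

```python
import ipaddress

# Constructed from the addresses in the question. The /24 prefix length is an
# assumption: the thread does not state the netmask.
UTM_INTERFACES = {
    "eth1 (WAN)": "192.168.178.90/24",
    "eth0 (LAN)": "192.168.178.200/24",
}

def overlapping_interfaces(interfaces):
    """Return (name_a, name_b, net_a, net_b) for interfaces on overlapping networks."""
    nets = [(name, ipaddress.ip_interface(addr).network)
            for name, addr in interfaces.items()]
    return [(a, b, str(na), str(nb))
            for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:]
            if na.overlaps(nb)]

def next_hop(host_if, gateway, destination):
    """Model a host's forwarding decision for a single destination.

    On-link destinations are resolved with ARP on the local segment and never
    reach the default gateway; everything else is handed to the gateway.
    """
    iface = ipaddress.ip_interface(host_if)
    dst = ipaddress.ip_address(destination)
    if dst in iface.network:
        return ("arp", str(dst))
    return ("gateway", gateway)

def check(interfaces, client_if, client_gw, target):
    """Combine both checks for one client and one target address."""
    return {
        "overlaps": overlapping_interfaces(interfaces),
        "client_decision": next_hop(client_if, client_gw, target),
    }

if __name__ == "__main__":
    # Layout from the question: the client ARPs for the router on its own
    # segment, where the router is not present, so nothing answers.
    # Assumption: the client's default gateway is the UTM LAN address.
    print(check(UTM_INTERFACES, "192.168.178.25/24",
                "192.168.178.200", "192.168.178.1"))
    # Hypothetical renumbered LAN (192.168.10.0/24 is a made-up range):
    # the router is now off-link, so the packet goes to the UTM and is routed.
    fixed = {"eth1 (WAN)": "192.168.178.90/24", "eth0 (LAN)": "192.168.10.1/24"}
    print(check(fixed, "192.168.10.25/24", "192.168.10.1", "192.168.178.1"))
```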