Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 3 subscribers
  • Views 7941 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Access NAS from WAN thru RED tunnel

vikino

Hello,

i would like to ask if someone has got some experience in this:

Two UTMs, one with Public IP (Site A), one with private IP (Site B), they are connected with RED tunnel together.

On site A internet traffic is routed oustide via WAN

On site B internet traffic is routed out via WAN

my question is, am i able to reach NAS2 behind UTM at Site B from WAN with Public IP at Site A thru RED tunnel?

Tryied it to set it as Wer server at web server protection, nothing :-/

My thought was to have qnap.domain.com as NAS1 - that works fine

and qnap2.domain.com as NAS2, but this one should route thru tunnel...

 

Easy it would be when all traffic at Site B is routed thru UTM at Site A, but it is not.

 

Thanks for any suggestions.

Vitek



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson

    Hi Bob,

    picture of red server is not nesecary, as it is RED tunnel between two UTMs and there is nothing to set up :-) Tunnel is working fine, but im thinking about any nesecarity of masquerading?

     

    Logs are clear.

     

    To be more concrete

    UTM A has NAT rule Any-port 8888-WAN NAT to QNAP at site B and service to 8080 - standart QNAP HTTP port, automatic firewall enabled

    UTM B has firewall rule Any - 8080 - QNAP site B allow.

  • 0 in reply to vikino

    " masquerading" - If you need that, Vitek, it's a sign that you have a routing problem that can be handled in other ways, too.  From your description, it sounds like you want to replace "Any" in the WAN NAT rule with "Internet" and then choose one of the approaches suggested in Accessing Internal or DMZ Webserver from Internal Network.  Any luck with that?

    Cheers - Bob