Hello Guys,
have a little problem. This is the Scenario on our SG550.
We have a Guest SSID from whick Smartphones have access to the Internet over a dedicated DSL-Line Interface.
We have a DNAT for OWA and MobileIron for Mobile Devices from Internet (WAN1) to DMZ .
So the problem is, if the smartphones are logged into Guest SSID and try to connect to OWA or Mobileiron it is not possible they just get´s no answer and get timeout.
if they switch of Guest SSID and go directly over LTE everything is working fine.
so in logs i see that DNATs are working, but i think the problem is that Sophos also knows this Guest SSID as a interface and that packets going over DNAT WAN1 to DMZ have source IP´s from the Subnet inside Guest Wifi SSID so they get no answer from servers in the DMZ.
did you have that problem again? can someone please help how to solve it? So my mobile Phones connected to Guest SSID should have access to DMZ Servers with DNAT from WAN1 to DMZ.
Thank you
This thread was automatically locked due to age.
