
Traffic between Internal network and VLAN has suddenly stopped

So I have a setup where the internal LAN and VLAN 200 need to talk to each other, this worked in the past with the same settings however sometime in the last 2 months the VLAN has stopped receiving Inbound traffic.

 It's a SG330 on firmware 9.502-4

My rules are:

Firewall Rule 1:

VLAN -> any -> LAN

Allow

 

Firewall Rule 2:

LAN -> any -> VLAN

Allow

 

SNAT Rule 1:

LAN -> any -> VLAN

Change Source: VLAN

 

SNAT Rule 2:

VLAN -> any -> LAN

Change Source: LAN

 

Now just to test I also created another VLAN on a different interface going to a different switch - same issue. The VLAN interface transmits but doesn't receive - The sophos couldn't ping the switch and the switch couldn't ping the sophos.

Network Usage of the vlan interface:

Interface Usage VLAN 200 (eth0.200) (inbound): 0.00 bps 0.00 bps 0.00 bps 0.00 bps

Interface Usage VLAN 200 (eth0.200) (outbound): 760.00 bps 0.00 bps 245.00 bps 373.00 bps


  • Any hints in the firewall logs on whether the traffic is allowed or not?

    Are you sure the switch is still operating as it should (No power outage and "forgotten" to save running config)?

  • Firewall logs just has entries labeled "log", only going from internal lan -> vlan. No allows or denys for it. And nothing logged for vlan -> lan.

    I've resaved config again and rebooted switch but no joy.

    It's really got me stumped. We have a second sophos in HA that is sync'd up and we're having the same issue there which makes me think it's a config issue somewhere. But everything looks sweet.

  • Hi, Sam, and welcome to the UTM Community!

    Pinging is regulated on the 'ICMP' tab of 'Firewall'.  The "Any" Service only includes TCP and UDP - none of the other IP Protocols are included.  If pings weren't going through because of the firewall settings, they should have shown as blocked in the Firewall log.  If you have an explicit drop rule at the end of your ruleset, that would hide "default drop" messages.

    Agreed that the SNAT rules are unnecessary.  If you're having routing problems, they would appear to be issues outside the UTM unless the VLAN is not configured on the UTM.

    Cheers - Bob
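To make Bob's two points concrete (the "Any" service covers only TCP and UDP, so a ping never matches the LAN -> any -> VLAN rule, and an explicit unlogged drop rule at the end of the ruleset hides the "default drop" log line you would otherwise look for), here is a small added model of that evaluation order. It is example code written for this thread, not Sophos UTM code; the rule and flow structures, the "Any" wildcard handling and the assumption that the ICMP tab is consulted before the ruleset are simplifications of what the thread describes.

```python
from dataclasses import dataclass

# Per the thread: the "Any" service is TCP and UDP only, no other IP protocols.
ANY_SERVICE = frozenset({"tcp", "udp"})


@dataclass
class Rule:
    src: str            # network name, or "Any" as a wildcard (assumption)
    dst: str
    service: frozenset  # protocols the rule's service definition covers
    action: str         # "allow" or "drop"
    log: bool = True    # whether a match writes a firewall-log line


@dataclass
class Flow:
    src: str
    dst: str
    proto: str          # "tcp", "udp" or "icmp"


def evaluate(rules, flow, icmp_tab_allows_ping=False):
    """Return (verdict, log_line); log_line is None when nothing is logged.

    Model (assumption): the Firewall > ICMP tab decides pings before the
    ruleset; rules then match in order; an unmatched packet is a logged
    'default drop'. A matched rule with logging off writes nothing."""
    if flow.proto == "icmp" and icmp_tab_allows_ping:
        return "allow", None
    for i, r in enumerate(rules, 1):
        if (r.src in (flow.src, "Any") and r.dst in (flow.dst, "Any")
                and flow.proto in r.service):
            return r.action, (f"rule {i} {r.action}" if r.log else None)
    return "drop", "default drop"


# Constructed ruleset mirroring the two allow rules from the question.
RULES = [
    Rule("VLAN", "LAN", ANY_SERVICE, "allow"),
    Rule("LAN", "VLAN", ANY_SERVICE, "allow"),
]
# A constructed catch-all drop with logging off, as Bob warns about.
SILENT_DROP = Rule("Any", "Any", frozenset({"tcp", "udp", "icmp"}), "drop", log=False)

if __name__ == "__main__":
    ping = Flow("LAN", "VLAN", "icmp")
    print(evaluate(RULES, ping))                  # ('drop', 'default drop')
    print(evaluate(RULES + [SILENT_DROP], ping))  # ('drop', None): nothing to find in the log
    print(evaluate(RULES, Flow("LAN", "VLAN", "tcp")))  # ('allow', 'rule 2 allow')
```

The second case is the one to check for when the firewall log shows no allow or deny for a flow that is plainly not getting through.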