DHCP Relay through IPsec tunnel

Hello everyone,

I've been beating my head on this one for a while now and I can't seem to figure it out. I am trying to relay DHCP requests from a remote network to a DHCP server (Windows 2008 SBS PDC) on the local LAN. So far I can use local LAN DNS names from the remote network and can log into the local router from the remote LAN; however, I cannot PING any machine from the Local network to the Remote network, just the gateway/router (192.168.1.1). My configuration thus far:

Local LAN (Sophos UTM9 FullGuard)
Local Network: 192.168.0.0/24
DHCP Server: 192.168.0.2 (Windows PDC)
UTM DHCP Relay: Internal(Interface) -> 192.168.0.2

Remote LAN (Sophos UTM9 Home Edition)
Local Network: 192.168.1.0/24
UTM DHCP Relay: Internal(Interface) -> 192.168.0.2 (Will NOT let me add the External(WAN) interface)

What am I missing here? My intuition says a Full NAT rule, but I'd have no idea how to set one up.


This thread was automatically locked due to age.
  • My problem is that there seems to be no valid reason to take the additional risks of S2S in your situation.  Moreover, since the UTM creates routes and firewall rules with iptables, some of the granularity of iptables is sacrificed to the elegant simplicity of WebAdmin, so I fear that what you might plan to do would create routing problems. 

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA