Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 1 subscriber
  • Views 5523 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Network Extension via two UTMs

goosen8r
Just to start, I am a complete n00b on VPNs and am trying my best to learn, however I have been put in a position to solve a problem quickly, so here goes.

I am needing to connect two geographically separate LANs via bridge and maintain the same IP space on each. I setup two software UTM 9s on a ESXi host to work with for proof of concept. What I HAVE been able to accomplish is build RED tunnel or an IPSec tunnel between the two and allow different networks to communicate, but I need a single network to span them both. 

Is this even possible with UTM 9s in a software only configuration?

I have tried bridging the redsX and eth1 interface on one and trying to get the other to manage the network via this post: https://community.sophos.com/products/unified-threat-management/astaroorg/f/62/t/57348
with no luck.

Any suggestions?


This thread was automatically locked due to age.
Parents
  • 0
    You need te create firewall rules for all traffic that goes through the UTM, so in this case you would need something like:

    192.168.0.0/24 -> 192.168.0.0/24 any allow

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Reply
  • 0
    You need te create firewall rules for all traffic that goes through the UTM, so in this case you would need something like:

    192.168.0.0/24 -> 192.168.0.0/24 any allow

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Children
  • 0 in reply to apijnappels
    I added that rule for both UTMs just now and still no ping between clients on either end or from a client on UTM A to the br0 interface of UTB B. Maybe static routes are needed, though I don't see why as this is all one network?
Unfiltered HTML