Hi All,
Been hacking away at my nice UTM 9 box, and found that when I create a bridge on 5 Eth ports on my appliance I have to create a firewall rule "Internal" --> Any --> "Internal" to pass any traffic.
Would this assume then that LAN traffic is then passed through the firewall? I was really hoping to avoid this!
My interfaces all all bridged to br0 with the original internal interface configured during the initial setup set as the covert interface. Is this where I might be going wrong, or is there a way to configure a vlan and add the interfaces into that instead? (Cisco method) The bridge to me is more like how watchguard turn their optional ports into a LAN but with no firewall involved.
Also is VPN pass through possible on this software? I have a Vodafone suresignal that doesn't want to work, That could be down to a number of factors at the moment, but it seems to establish a tunnel to Vodafone, but my phone wont register. works fine on the netgear prosafe i have.
Also I have an IPSEC site to site tunnel running as well back to my office for an IP handset
Been hacking away at my nice UTM 9 box, and found that when I create a bridge on 5 Eth ports on my appliance I have to create a firewall rule "Internal" --> Any --> "Internal" to pass any traffic.
Would this assume then that LAN traffic is then passed through the firewall? I was really hoping to avoid this!
My interfaces all all bridged to br0 with the original internal interface configured during the initial setup set as the covert interface. Is this where I might be going wrong, or is there a way to configure a vlan and add the interfaces into that instead? (Cisco method) The bridge to me is more like how watchguard turn their optional ports into a LAN but with no firewall involved.
Also is VPN pass through possible on this software? I have a Vodafone suresignal that doesn't want to work, That could be down to a number of factors at the moment, but it seems to establish a tunnel to Vodafone, but my phone wont register. works fine on the netgear prosafe i have.
Also I have an IPSEC site to site tunnel running as well back to my office for an IP handset