I've been playing with the Sophos UTM Home Edition, and I've noted that SSL VPN connections are issued Class A addresses. Given that the current internal network leases Class B addresses, why can I ping 172.20.1.100 from 10.242.1.1 and vice versa? Is the UTM managing routing between the two networks internally?

toolshed
  • By "Class A" do you mean an address with a 255.0.0.0 subnet or are you referring to the old classes that haven't been used since the mid-90s? – Aaron Mason May 09 '16 at 02:27
  • Not even aware of those. I was referring to your standard /8 range. – toolshed May 09 '16 at 04:02
  • Having just reread your question, an address on a 10/8 network will still be able to ping a 172.16/12 address. – Aaron Mason May 09 '16 at 04:45
  • Also, the 10.242.2.0 pool used by SSL VPN is a /24 by default, so there's no need to worry. – Aaron Mason May 09 '16 at 04:45
  • I was more curious as to why these two networks can "see" each other. Are they not completely different networks, and should therefore need a router to pass traffic between them? – toolshed May 09 '16 at 04:54
  • As Daniel has stated, your UTM is a router in and of itself. – Aaron Mason May 11 '16 at 02:10

1 Answer

Yes, the UTM does, like every other router, route the packet from one network into the other. But you had to allow pings to be forwarded by the firewall somewhere.

Daniel
  • Not so much concerned about pings as I was packets. I wanted to know how traffic passes seamlessly across the different networks. I'm guessing that the UTM automatically routes traffic internally. – toolshed May 09 '16 at 06:14
  • I just told you that the UTM routes the traffic. Read the answer again. – Daniel May 09 '16 at 06:16
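
The forwarding decision discussed in this thread, as an added example that is not part of the original question or answer: a host sends off-link traffic to its gateway, the gateway picks the egress interface by longest-prefix match, and a separate filter decides whether the packet may pass. The prefix lengths, interface names and allow rules are assumptions made for illustration; the page gives only the two host addresses.

```python
import ipaddress

# Assumed prefixes (not given on the page): the question only names the two hosts.
VPN_POOL = ipaddress.ip_network("10.242.1.0/24")   # assumed SSL VPN pool containing 10.242.1.1
INTERNAL = ipaddress.ip_network("172.20.0.0/16")   # assumed internal LAN containing 172.20.1.100

# Hypothetical gateway state: one connected route per attached network, plus a default.
ROUTES = [(VPN_POOL, "tun0"), (INTERNAL, "eth0"), (ipaddress.ip_network("0.0.0.0/0"), "wan")]

# Hypothetical forwarding rules: (source net, destination net, protocol) that may pass.
ALLOW = [(VPN_POOL, INTERNAL, "any"), (INTERNAL, VPN_POOL, "icmp")]


def on_link(src, dst, prefix):
    """Host-side check: can src reach dst directly, without a router?"""
    net = ipaddress.ip_interface(f"{src}/{prefix}").network
    return ipaddress.ip_address(dst) in net


def lookup(dst):
    """Router-side longest-prefix match; returns the egress interface name."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, dev) for net, dev in ROUTES if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def forward(src, dst, proto):
    """Return (egress interface, allowed?) for a packet transiting the gateway."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    allowed = any(s in a and d in b and p in ("any", proto) for a, b, p in ALLOW)
    return lookup(dst), allowed


if __name__ == "__main__":
    print(on_link("10.242.1.1", "172.20.1.100", 24))      # different networks
    print(forward("10.242.1.1", "172.20.1.100", "icmp"))  # routed and permitted
    print(forward("172.20.1.100", "10.242.1.1", "tcp"))   # routed, but filtered
```

Routing and filtering are independent steps: the route lookup succeeds for both directions, while the allow list alone determines which traffic actually crosses between the VPN pool and the internal network.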