Enable transparent use in bridged mode
I have a new client that's a hosting facility. At present, there are hundreds of websites with existing IPs, DNS entries, etc. It's not practical to protect these existing sites because of the requirement that a Virtual Server use an IP on the arriving interface.
We attempted to go around this by running all of the traffic to a test server through the UTM in bridged mode. We tried using a DNAT to direct the traffic back to the bridged interface with the address of the bridge. This didn't work because the REDIRECT capability isn't configurable in WebAdmin (per Development).

2 comments
-
Bob Alfson commented
In fact, I guessed that this is possible using a different technique to create a DNAT: http://www.astaro.org/gateway-products/mail-protection-smtp-pop3-antispam-antivirus/51216-email-protection-incoming-port-other-then-25-a.html - and that works!
-
Bob Alfson commented
A possible solution also is suggested here: http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/3344404-enable-redirect-for-dnats