VLAN Routing and Zones

Question

I have a dumb question so please be gentle. I have Port 1 on my Sophos XG setup with the default VLAN 1, VLAN 20, and VLAN 30. Port 1 is then connected to a trunk port and switch with the appropriate VLANs configured. All is good however, I'd like to use VLAN tagging on my access point but I can't figure out how to write a firewall statement allowing VLAN 20 to bypass my web filter and VLAN 30 to be filtered. Part of my confusion is that ports are tied to zones. Can I write a firewall statement just for a particular VLAN or subnet? I hope this makes sense.

This thread was automatically locked due to age.

Aditya Patel · Accepted Answer

Hi Antonio, 
 The Vlan will have a separate network , you may define the source network as your VLAN 20 and 30 on Separate rules. The rule would follow from Top to Bottom so make sure specific rules are on top of the default rule So it would follow the predefined rule first.