Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Adding Ubiquiti Unifi AP to Sophos XGS116 and Adding 2nd gateway IP

Good Day

Our head office programmed a SOPHOS XGS116 firewall for us. I am not familiar with firewall configurations. I have been playing around on the basics of blocking websites. We have two different internet routers each with their own IP. Both routers was connected previously, if we had a problem with internet on the one router we just switched our gateway to the 2nd router. The SOPHOS was programmed, according to our head office, in bridge mode, because they cannot configure it in router mode as there is already a firewall at head office. They could not add the 2nd router on the firewall due to it being in bridge mode. The 2nd router are basically bypassing the firewall. The problem is that many of our employers know how to switch their gateways and then they are bypassing the firewall. Is there a way to add the 2nd gateway also on the firewall in bridge mode? I saw on the configuration you can add a 2nd WAN, I haven`t tested it yet because I don`t want the network to crash. 

2nd Question is, can you add Ubiquiti Unifi Access Points on the firewall so you can also track the data usage on the mobile phones? I have the unifi controller on a server and edited the wireless devices to show names, that is the only way we can track the mobile users. I see on the unifi controller the Security settings can only be configured when a firewall is on the network and I am guessing it must be an Ubiquiti firewall. Is there a way to add the two together?

Our network setup is Internet Router -> Cisco Switch that does the DHCP -> SOPHOS Firewall -> Managed switches that does VLANS for computers and VOIP phones.

The 2nd router bypasses all the devices and goes directly to our switches. This was all configured by our head office. We only have access to the firewall and switches.



This thread was automatically locked due to age.