
Sophos UTM SG 320: when I change from Ethernet interface to Ethernet VLAN, I lose the connection to the admin web interface

Hello Community,

I have a Sophos UTM SG 320. When I change the internal interface from Ethernet interface to Ethernet VLAN, I lose the connection to the admin web interface.

 

So right now I'm connected with an Ethernet cable from my PC to E0/LAN (Sophos interface), and this interface is set as Ethernet and it's working. But when I change it to Ethernet VLAN, I connect that interface to my switch and tag that interface to my VLAN 2, and I connect my PC to the same switch on the same VLAN but as untagged. I can ping the Sophos IP address, but I cannot use the web admin portal:

 

 

I also created a DHCP for this interface:

 

On my switch I have created VLAN 2 with IP 192.68.X.X /24 and I'm connected to that VLAN. I can ping the IP address of the Sophos FW, but I cannot connect to the web admin interface.

 

Any idea of this?

 

Thanks.



  • So basically you set eth0 to VLAN2 and you have the switch to tag that port as VLAN 2 and you lose connection?  Do you have the port going to the SG tagged and the port the computer is connected to tagged?

    Respectfully, 

     

    Badrobot

     

  • So basically you set eth0 to VLAN2 and you have the switch to tag that port as VLAN 2 and you lose connection?  Do you have the port going to the SG tagged and the port the computer is connected to tagged?

    Yes, you are right, and I lost the connection, but just to the web admin portal, because I can reach the IP of the firewall. Just the port going to the firewall is tagged; the port the computer is connected to is untagged.

     

     

  • Hmmm, I would look into the switch model or manufacturer to see if there is something more needed to get the VLAN to work. I have seen switches where they do some funky version of VLANs and you have to have both tagged as well or some other option in the switch enabled. Also, some switches use certain VLANs for management as well; the UTM actually reserves VLAN 1 for wireless protection. My point is that there are always manufacturer specifics to consider, so I would look there first.

    Respectfully, 

     

    Badrobot

     

  • Thanks for your answer. This is an HP 2930F Layer 3. I have something similar with another switch model from HP and it's working; maybe I'm missing something, but I haven't realized what it is.

  • With HP, if I remember right, you want the uplink ports to be set to tagged, the computer port to untagged, and then I believe there is an option for No to all other VLANs.

    Respectfully, 

     

    Badrobot

     

  • Unknown said:

    Hmmm, I would look into the switch model or manufacturer to see if there is something more needed to get the VLAN to work. I have seen switches where they do some funky version of VLANs and you have to have both tagged as well or some other option in the switch enabled. Also, some switches use certain VLANs for management as well; the UTM actually reserves VLAN 1 for wireless protection. My point is that there are always manufacturer specifics to consider, so I would look there first.

    It was a great help!

    Dane Seelen, thank you very much for sharing this!