This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bridge to VLAN - How to setup your UTM?

Hello,

I'm very tired of searching the web for an answer to my issues with my Wifi setup on my Sophos UTM.

 

What is my setup?

  • Sophos UTM 9.505-4
  • AP-55

 

What is my goal?

Creating two SSIDs:

  • The users of SSID A can access the internal and external network (LAN and internet).
  • The users of SSID B can also access the internal and external network BUT their connection will be filtered by Web Protection

 

What is my idea?

  1. Create VLAN 10 and add a DHCP to that VLAN.
  2. Bridge SSID A to VLAN 1 (default network).
  3. Bridge SSID B to  VLAN 10.
  4. Tag AP55 in VLAN 1
  5. -> Add VLAN 10 interface to Web Protection

 

Sidenote: My internal network has a Domaincontroller with DHCP Server behind it, so Sophos doesn't lease IP addresses.

 

I didn't get it to work so far. Do you have any recommendations or is my idea not even possible?

 

Cheers

 

Edit: I did a separate zone now and it works like it should. But I'm still wondering why it doesn't work with VLANs.



This thread was automatically locked due to age.
Parents
  • Hallo Yves and welcome to the UTM Community!

    VLAN 1 is reserved in UTM for Wireless Protection.  What happens if you try with a different VLAN #?

    Cheers- Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob

    I could solve my issues by creating a "getrennte Zone" (separate zone) for my ssids. After setting it up, it created an interface for the wlan clients on this ssid where I could apply our web filtering profile.

    Still, I tested the same with vlan. I made a rookie mistake because I forgot to configure one switch between the AP and the firewall. The issues were then resolved with my vlan setup.

    Thanks for you reply

    cheers - yves

Reply
  • Hi Bob

    I could solve my issues by creating a "getrennte Zone" (separate zone) for my ssids. After setting it up, it created an interface for the wlan clients on this ssid where I could apply our web filtering profile.

    Still, I tested the same with vlan. I made a rookie mistake because I forgot to configure one switch between the AP and the firewall. The issues were then resolved with my vlan setup.

    Thanks for you reply

    cheers - yves

Children
No Data