Trying to create some VLANs but br0 is configured automatically with Port1 as a member.

Hi... new to Sophos.

I'm trying to create some VLANs under Port1 but the wizard configured br0 to be all the ports except for Port2 (WAN).

So I've done the following:

  1. Removed Port1 from BR0 and set interface IP for BR0 to
  2. Connected to Port3 and, Set the interface Port1 in zone LAN and configured interface IP to
  3. Changed DHCP to issue IPs on Port1 instead of BR0.
  4. Connected to Port1 and DHCP gives me an IP address.
  5. But now I cannot connect to or -- do I have to enable access from Port1 to the webconsole? If yes, where do I make this change? I want to delete BR0 but I'm afraid if I do that, I will lose all access to webconsole.

Thank you


  • So I enabled WAN HTTPS access and since I have another way into the router, I will go ahead and delete BR0 and see what happens.


    ***UPDATE*** -- Doing the delete of the bridge interface made Port1 function as desired for accessing the webconsole. Perhaps this needs to be addressed to make initial setup easier.

    I really wonder how many people did the above steps and then locked themselves out of their devices because they didn't have the foresight to enable another access to the device. I'm aware that SSH or telnet are options but for such a simple setup, admins shouldn't be required to do anything more than click.


  • In reply to koolkevbo:


    the br0 only comes into effective if you have more than two ports connected at setup time.


  • In reply to rfcat_vk:

    Interesting... because that's not how it happened with me. Port2 (WAN) was not connected to anything. Port1 (LAN) was connected to a Netgear M4100 which was in turn connected to my laptop (Macbook Pro).

    XG 135 on SFOS 17.1.3 MR-3

  • In reply to koolkevbo:

    Unless, you ticked the bridge mode at setup.