Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
We'd love to hear about it! Click here to go to the product suggestion community
Hi All. Long time Astaro > Sophos UTM9 home user, finally making the switch to Sophos XG Home, due to 50 IP limit. I have a PC with an on-board NIC, plus two additional 1000MB PCI NICs installed. Port1 is LAN, Port2 is WAN #1 and Port3 is WAN #2. No matter what I do, one of the NICs (Port2) is in a "Disconnected" state. As soon as I plug the Cable modem into Port2, the lights all come on and everything looks great, but in the XG GUI it says the port is "Disconnected". If I put that same Cable modem onto Port3, it immediately gets an IP from the ISP and all is well. Other things I've tried:
Ultimately, I want dual WAN / WAN failover capability, so it's important for me to get this Port2 working. Any ideas?
sounds like the ISP has locked the address to one of the MACs. If you have dual WAN links why are you trying the modem on different interfaces?
In reply to rfcat_vk:
Hi Ian. Thanks for your willingness to assist. My original plan was:
Port1: LANPort2: WAN with Cable Modem, via DHCPPort3: WAN with DSL Modem, via PPPoE
Port1 LAN is OK, and Port3 came up fine with a Public IP via PPPoE. Port2 is "Disconnected" even though there is connectivity showing on the NIC and the Cable Modem.
Simply as a test, I switched the configuration around and moved the modems around like this:
Port1: LANPort2: WAN with DSL Modem, via PPPoEPort3: WAN with Cable Modem, via DHCP
Right away, Port3 received an IP from the Cable Modem provider via DHCP, and Port2 is still "Disconnected".
Again, to just test things out, I switch them AGAIN, reconfiguring Port2 and Port3 as I originally had them:
As you can guess, now the DSL works and has a Public IP via PPPoE, and Port2 is "Disconnected". Port 2 is always "Disconnected". It makes no difference what you do with it.
Does this help? How can I make it not be "Disconnected" (or "Disabled" when assigning a Static IP to it, while testing)?
In reply to sneader:
you will need to make some changes in the network - WAN Link manager settings for the failing connection.
Hi Ian. I am open to your ideas, but I do not think this is an issue with WAN Link Manager. I have tried setting one port or the other to "Backup" instead of "Active", but Port2 always says "Disconnected". In WAN Link Manager, Port2 always has a "red" button under "Status".
Again, I am open to your ideas of what I should be changing in WAN Link Manager in order to make Port2 start to work.
you need to change the setting used by the port to check connectivity.
My XG setup.
Unfortunately, none of this is helping the situation. The port is still suck in "Disconnected" mode, no matter what I do. If I plug a switch into it, and call it the DMZ zone, and throw a static IP on it, it's still "Disconnected". It never leaves this state. I'm going to buy a new NIC and see if that magically solves the problem, because I don't know what else to do.
For some closure on this, I bought a new Intel Pro 1000 PCI card and swapped out one card with this new one, and magically now the Sophos sees all three Ports as "Connected". There must have been something bad with one of the existing cards I had. Even though the card would light up when connected to the ISP Modem, something wasn't 'right'.
All is well (other than the ports moved around on me, with the NIC card change, which took a bit of time to get sorted out)