Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
We'd love to hear about it! Click here to go to the product suggestion community
I am setting up the XG firewall in my new office.
I have a coaxial modem. How can I have a firewall behind a modem?
is it just a modem, in that case just connect the XG to the modem interface and set the WAN connection mode to DHCP.
In reply to rfcat_vk:
I forgot to mention that it is also a router. It does have an internal LAN as 192.168.1.1 and doesn't support bridge mode
In reply to Inspace IT:
You need an ethernet port on the modem. It is strange. How can you use the internet at home on your devices? The modem has wi-fi capabilities?
So, you can ask to your ISP to provide a modem with RJ-45 port or buy an adapter like this one (I am not sure it will work):
In reply to lferrara:
The adapter will be great if I am using only ethernet but We are using voice line along with ethernet so I cant use MOCA adapter
Its a optimum modem + router and it doesn't support bridge mode
So, if you have a router and an ethernet,
you can deploy XG in bridge mode or routing mode. Maybe I am not understanding the issue. Sorry about that!
The thing ISP is providing only a coax interface and they also provided a modem router that doesn't support a bridge mode. But as we know FW doesn't have a coax interface so I cannot connect the interface directly.
I cannot use the MoCA adapter cause we are using the internet + Voice line.
The modem router has the wan link and it provides LAN IP as 192.168.120.1/24 and DHCP.
How can I connect a Sophos FW behind this modem router?
Put the XG behind the modem as bridge and disable the DHCP on XG.
The modem they provide doent have that feature. when I do type the IP of the modem it is automatically redirected to ISP optimum page and I have few options to configure which doent include bridge mode. Everything i see is different in US
Bridge mode is the mode that you need to configure XG. Otherwise you can use XG as routing mode, where the WAN interface is DHCP and LAN is static IP with different IP/subnet than 192.168.1.x/24
I heard SSL VPN won't work in bridge mode. If thats true then this won't work for us. We need VPN SSL for our daily work.
Modem LAN - 192.168.150.1
XG WAN - 192.168.150.2
XG LAN - 192.168.1.1 with DHCP
Create an FW rule from LAN to WAN & VPN to LAN
Will Double NAT works? and I will forward 8443 port to FW for VPN? so will this works?
Double nat is not a problem.
Take note that SSL VPN in bridge mode works:
Great then I will bridge the WAN and LAN interface.
Enable DHCP in FW and disable it in the modem.
Create an FW rule for LAN to WAN and LAN to LAN.
Let you know once it is done. Thanks