Scheduled maintenance on Saturday, August 8th from 7am to 10am (UTC). Licensing registrations and key activations will be unavailable during this period. More info here.
We'd love to hear about it! Click here to go to the product suggestion community
I have a client with a SOHO. I'm using the available XG86 ports as a switch and I created a Bridge with two ports and setup a Lan to Lan policy, but the devices on Port 1 can't see the devices on Port 4. The XG can ping the devices with no problem. I've attached screen shots of my configuration.
Ports on XG cannot used as switch ports.
In reply to lferrara:
Thanks for the quick response.
I searched the KB and found this article, which is why I thought I could do the same thing on the XG86 as on the XG85. Is this not the case?
In reply to Frankv104:
Actually a Bridge should act as a Switch.
But you talking about Port3 and Port4.
Which is now true?
In reply to LuCar Toni:
I have created a bridge with Ports 1 & Port 4.
PC plugged into P1 and Printer plugged into P4.
Frank, what is your goal?
Using a bridge in this way is not the goal of a firewall.
Trying to get away without having to add a switch to this network. The user only has a printer and a PC. They provide tax services and wanted the extra protection of the Firewall.
Ok. Not a big deal.
Anyway devices on the same bridge should communicate.
That's what I thought. But the issue I'm having is that the PC can not see the Printer. The firewall is able to ping both devices.
more than likely the printer is using non-routable protocol. Try setting up the printer on the PC using the IP address.
In reply to rfcat_vk:
I tried that as well, but the PC can not find the printer. What is strange is that I can Ping the device via the Bridge defined on the FW, but I can't ping the printer from the PC.
Dumb question are they both on the same network addressing scheme?
Is nat enabled on the firewall rule? Also, the same pc needs to surf on internet?
If firewall rule is configured correct with no NAT and still you are facing this issue. I would suggest you to take packet capture on destination IP address.
Run continues ping to destination IP and check if traffic is hitting correct firewall rule and share packet capture output with us.
Follow this KB Article: Sophos XG Firewall: How to filter packets using packet capture
My God. 13 comments and some of the worst responses I've ever seen replying to a problem. No.. this doesn't work. Yes.. it's supposed to. Correct, no one here obviously knows why.
Packet capture? Good Lord, come on guys.
In reply to Matthew Bradley:
We actually finally got this to work by Unchecking the option "Enable routing on the bridge pair" on the "Bridge Interface" page!
Thanks for all the feedback.