Reflexion will be End-of-life on March 31,2023. See Sophos Reflexion EoL FAQs to learn more.
Reworked overview of my part - We are working now 2 weeks on the Sophos Switch to get it configured to apply to our customer situation:
Still existing problems:
Turn On Serdes Mac_Polling_PHY Config Enable PHY Polling Misc PHY init (unit 0) Mgmt_dev init (unit 0)Enter Esc key to stop autoboot: 0## Booting image from partition ... 1Skipping bad block 0x06220000 <-------------------------------- ERROR ????## Booting kernel from Legacy Image at 81000000 ... Image Name: IMG-01.0.0754 Created: 2021-11-25 8:30:39 UTC Image Type: MIPS Linux Kernel Image (lzma compressed) Data Size: 20264466 Bytes = 19.3 MB
Current Switch:
Model: CS110-24FPFirmware Version : 01.0.0754Logging Option : Console LoggingLogin Authentication Mode : LocalConfig Save Status : SuccessfulRemote Save Status : Not InitiatedConfig Restore Status : SuccessfulTraffic Separation Control : noneLoader Version : 03.02.01Protocol Version : 3.02.243aHardware Version : 1.0.0
Here is my sequence until i run into the error/problem - hopefully some can give us any hint on it:
Reset Switch
restore-defaultsNote: Reset also to default password (Sticker backside)
Script Block 1 General system settings
conf tsystem name "RT-DE010001"system contact "Martin Mustermanr"system location "Germany Aachen"set system description "Sophos CS110-24FP"set switch-name RT-DE010001username admin password Passw0rd! confirm-password Passw0rd! privilege 15
Script Block 2 - Create the Vlans and assign the Ports
vlan 1ports name Managementexitvlan 10ports name Serverexitvlan 11ports name VoicePbxexitvlan 15ports name WlcAccessPointsexitvlan 20ports name Clientsports add gigabitethernet 0/23 untagged gigabitethernet 0/23exitvlan 30ports name Printerexitvlan 99ports name TransferToFirewallports add gigabitethernet 0/1 untagged gigabitethernet 0/1ports add gigabitethernet 0/7 untagged gigabitethernet 0/7exitvlan 998ports name FirewallHaports add gigabitethernet 0/5 untagged gigabitethernet 0/5ports add gigabitethernet 0/11 untagged gigabitethernet 0/11exitvlan 999ports name WANports add gigabitethernet 0/3 untagged gigabitethernet 0/3ports add gigabitethernet 0/9 untagged gigabitethernet 0/9ports add gigabitethernet 0/17 untagged gigabitethernet 0/17exit
Script Block 3 - Setup Management VLAN with IP
int vlan 1description "Management VLAN"#to switch to static ip remove in config file: ip address dhcp -> ERROR: % Address allocation method must be manual to configure IP Addressno ip addressip address 10.30.0.1 255.255.255.0exit
Note: If you not stop here and wait you will see errors like this:
#RT-DE010001(config)# int vlan 99#RT-DE010001(config-if)# description "Transfer to Firewall VLAN"#RT-DE010001(config-if)# ip address 10.99.30.1 255.255.255.0#% Invalid SubnetMask For the Given Ipaddress# after waiting same command works suddenly !
Script Block 4 - Add more L3 vlan interfaces with IP
int vlan 99description "Transfer to Firewall VLAN"ip address 10.99.30.1 255.255.255.0exit
int vlan 10description "Server VLAN"ip address 10.30.10.1 255.255.255.0exit
int vlan 15description "WiFi WLC and AP VLAN"ip address 10.30.15.1 255.255.255.0exit
int vlan 20description "Clients VLAN"ip address 10.30.20.1 255.255.255.0
ERROR --> % No free interfaces are available
After adding the 4th vlan interface we always face this error message - same to local Web UI !
Script planned to finish configuration L3 interfaces but impossible:
int vlan 20description "Clients VLAN"ip address 10.30.20.1 255.255.255.0exit
int vlan 21description "Clients VLAN"ip address 10.30.21.1 255.255.255.0exit
int vlan 22description "Clients VLAN"ip address 10.30.22.1 255.255.255.0exit
int vlan 30description "Printer VLAN"ip address 10.30.30.1 255.255.255.0exit
Script Block to finish port setup
int gigabitethernet 0/1description "Sophos A Lan"switchport pvid 99switchport acceptable-frame-type allswitchport ingress-filterexit
int gigabitethernet 0/7description "Sophos B Lan"switchport pvid 99switchport acceptable-frame-type allswitchport ingress-filterexit
int gigabitethernet 0/5description "Sophos A HA"switchport pvid 998switchport acceptable-frame-type allswitchport ingress-filterexit
int gigabitethernet 0/11description "Sophos B HA"switchport pvid 998switchport acceptable-frame-type allswitchport ingress-filterexit
int gigabitethernet 0/3description "Sophos A WAN"switchport pvid 999switchport acceptable-frame-type allswitchport ingress-filterexit
int gigabitethernet 0/9description "Sophos B WAN"switchport pvid 999switchport acceptable-frame-type allswitchport ingress-filterexit
int gigabitethernet 0/17description "Router WAN"switchport pvid 999switchport acceptable-frame-type allswitchport ingress-filterexit
int gigabitethernet 0/23description "Laptop Client Network"switchport pvid 20switchport acceptable-frame-type allswitchport ingress-filterexit
# Route to actve Sophos HA LAN interfaceip route 0.0.0.0 0.0.0.0 10.99.30.254exitsave
We have also opened a ticket and also escalate it but from Sophos until now only unqualified replies!I am wondering that in this Switch section only people are reviewing but it looks to me most are also try to understand the product !I also hope we can exchange here more experience with the switches