Sophos Switch: How to configure VLANs in Sophos switch from Sophos central

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.

Overview

Overview

This recommended reads provides instructions on how to configure VLANs on Sophos Switch from Sophos central.

Topology

Product and Environment

Sophos Wireless (AP6 420E), Sophos Switch (CS101-8FP) and Sophos Firewall

Configuration

Step1. Switches

Step2. Create VLAN

Click the serial number > VLAN > Add VLAN

VLAN 10

VLAN name
VLAN ID 10
Color (Optional)
Description (Optional)

Select Port 2 as untagged port and Port 1 as tagged port then Click Save.

VLAN 20

VLAN name
VLAN ID 20
Color (Optional)
Description (Optional)

Select Port 4 as untagged port and Port 1 as tagged then click Save.

Once the VLANs are created, see screenshot for reference

Step3. Sophos Firewall Interfaces

Name (Port 5)
IPV4 configuration>static>192.168.10.1/24 then save.

Step4. VLAN Interfaces

VLAN 10 Interface

Under Interfaces> Add VLAN

Name (AP VLAN 10)
Port 5
Zone LAN
VLAN ID 10
IPv4> static >IPv4 192.168.20.1 and subnet mask 24 then save.

VLAN 20 Interface

Under Interfaces> Add VLAN

VLAN
Name (PC VLAN 20)
Port 5
Zone LAN
VLAN ID 20
IPv4> static> IPv4 192.168.30.1 and subnet mask 24 then save.

Once the VLANs are created, see screenshot for reference

Step5. DHCP Server

DHCP for AP6

Under DHCP > General Settings>

Interfaces : AP VLAN 10
Enter Dynamic IP Lease for VLAN 10
Click Use Interface P as Gateway
Save

DHCP for Endpoint machines

Under DHCP > General Setting>

Interfaces : PC VLAN 20
Enter Dynamic IP Lease for VLAN 20
Click Use Interface P as Gateway
Save

Configure DHCP server for VLAN 20 to assign IP address to PC.

IP Lease

To check the lease IP, kindly click DHCP and scroll down to see the assigned IP address.