Sophos Switch: How to configure VLANs in Sophos switch from Sophos central

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.


Overview

This recommended reads provides instructions on how to configure VLANs on Sophos Switch from Sophos central.

Topology

Product and Environment

Sophos Wireless (AP6 420E), Sophos Switch (CS101-8FP) and Sophos Firewall

Configuration

Step1. Switches 

Login to your Sophos Switch from Sophos central and go to  My Product > Switches>Click serial number

Step2. Create VLAN

Click the serial number > VLAN > Add VLAN 

VLAN 10

  • VLAN name
  • VLAN ID 10
  • Color (Optional)
  • Description (Optional)

Select Port 2 as untagged port and Port 1 as tagged port then Click Save.

 

VLAN 20

  • VLAN name
  • VLAN ID 20
  • Color (Optional)
  • Description (Optional)

Select Port 4 as untagged port and Port 1 as tagged then click Save.

Once the VLANs are created, see screenshot for reference

Step3. Sophos Firewall Interfaces

 Login to firewall and under Network > Interfaces > Select port 5 > Edit  the following:

  • Name (Port 5)
  • IPV4 configuration>static>192.168.10.1/24  then save.

Step4. VLAN Interfaces

VLAN 10 Interface

Under Interfaces> Add VLAN

  • Name (AP VLAN 10)
  • Port 5
  • Zone LAN
  • VLAN ID 10 
  • IPv4> static >IPv4 192.168.20.1 and subnet mask 24 then save.

VLAN 20 Interface

Under Interfaces> Add VLAN

  • VLAN
  • Name (PC VLAN 20)
  • Port 5
  • Zone LAN
  • VLAN ID 20
  • IPv4> static> IPv4 192.168.30.1 and subnet mask 24 then save.

Once the VLANs are created, see screenshot for reference

Step5. DHCP Server 

DHCP for AP6

Under DHCP > General Settings>

  • Interfaces : AP VLAN 10
  • Enter Dynamic IP Lease for VLAN 10
  • Click Use Interface P as Gateway
  • Save

DHCP for Endpoint machines

Under DHCP > General Setting>

  • Interfaces : PC VLAN 20
  • Enter Dynamic IP Lease for VLAN 20
  • Click Use Interface P as Gateway
  • Save

Configure DHCP server for VLAN 20 to assign IP address to PC.

IP Lease

To check the lease IP, kindly click DHCP and scroll down to see the assigned IP address.


Parents Reply
  • We had to configure a client with a Windows DHCP server. The setup was the same. But we could not get DHCP to work. If we set a static ip on a pc on the vlan. The traffic would flow just fine. The trick to get it to work. Was to set the switch as the gateway on the network card of the dhcp server. After doing that, DHCP started working.

     

Children
No Data