Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos SD-RED-60 "NATIVE" VLAN

When in switchport mode "VLAN", how to map the "NATIVE" VLAN (here 10.103.1.0/25) to a RED port ?  Mapping VLAN1 does not work.



This thread was automatically locked due to age.
Parents
  • What do you mean with native VLAN? 

    Does are the different mode of RED VLAN: 

    https://docs.sophos.com/nsg/sophos-firewall/18.0/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts/REDLANModes.html?hl=vlan

    VLAN1 in XG is simply the Interface itself in a untagged state. So 10.103.1.1/25 in your Case. 

    You could simply build up a new VLAN on this RED (302) and add the untagged Traffic to this one, if VLAN ID 1 does not work for you.

    __________________________________________________________________________________________________________________

  • - I know I could add as many VLAN as I want.
    - I already understand the different VLAN mode
    - Call it "default vlan" or "native vlan" or whatever, I am reffering to the 10.103.1.0/25 network.

    The question is: how to map the 10.103.1.0/25 network to a physical port.  Configuration above using VLAN 1 is not working.

  • Assuming this is not working. As VLAN1 is not possible to use on XG, it will not map this to the VLAN1. Hence the static Interface IP is not usable. Just my guess from this point of view, as i do not have a RED60 at hand to test this.

    What do you mean by map to physical port? Basically what are the benefits of doing so? 

    __________________________________________________________________________________________________________________

  • Basically what are the benefits of doing so? 

    I have assigned 10.103.1.1/25 and enabled a dhcp for that subnet.  The benefits is to have devices getting IP from the router and be able to use that subnet.

    I that subnet can not be reached, maybe those configurations field should be locked an greyed out when in "VLAN" mode.

Reply
  • Basically what are the benefits of doing so? 

    I have assigned 10.103.1.1/25 and enabled a dhcp for that subnet.  The benefits is to have devices getting IP from the router and be able to use that subnet.

    I that subnet can not be reached, maybe those configurations field should be locked an greyed out when in "VLAN" mode.

Children
No Data