
Configuring a default gateway breaks most web connectivity - XG in bridge mode

Hi,

I am using Sophos XG Firewall in bridge mode, and if I set up one of the ports into the WAN zone and point it to the gateway for the network, or set up a default route to the gateway for the network, I can no longer web to most websites or internal gear. It's the most bizarre thing. I need Sophos to be able to see the internet so it can properly categorize traffic in the web filter; however, anytime I set up the default gateway it breaks everything. I currently have the ports in the bridge both configured in the LAN zone, and this allows the web connections to work (unless I configure a static default route). I'm lost for answers here; any advice would be appreciated.



  • Hi,

    Please post a copy of your firewall rules and your interface configuration.

    Ian

    XGS118 - v21.5.0

    XG115 converted to software licence v21.5.0

    If a post solves your question please use the 'Verify Answer' button.

  • You can work with the Default WAN Zone or with Routes (Static or SD-WAN). Both work fine. Default WAN Zone will simply create a default gateway 0.0.0.0. You can build this rule by yourself, if you want.


    • Right, the problem is anytime this route is configured I lose the ability to web to most websites. I can ping them, just cannot web to them. Even affects internal network gear. No web access, only pings... and it’s random. Like I can get to google.com and do a web search, but I can’t get to central.Sophos.com for example. It’s really odd.

    • The weirdness continues. I configured a third port on the box in its own zone to try to get Sophos to find the internet not across the bridge. I hadn't even connected the port to the LAN and the traffic on my network was experiencing the same exact symptoms. It appears that anytime I have any default route configured on the system it breaks, regardless of whether it is on an active port or not. This screams software bug to me, but if anyone has anything to try I'm up for it.

      • All,

        This is most definitely a software bug in the latest release. I booted the box into version 17.5 (it was whatever I had on the VM host prior to the upgrade during initial setup) and everything works as expected. If someone knows where I can report this bug, I'll report it. For the time being I will be sticking with this release.

        • Hi,

          Are you a home or business user? If a business user, you can create a case in the portal; otherwise it is as you have done in these forums.

          Ian
