Multiple VLANs on SD-RED 60 and XG firewall

Hi 

I have an XG 210 at the main office and SD-RED 60 at a remote site. 

I would like to have data (2) and VoIP (10) VLANs routing to the main office LAN. 

I have set up the RED without VLANs in switch mode and all works fine, but when I change to VLANs (Tagged Trunk Port) nothing connects. The switch port connected to the RED is set to trunk mode with the VLANs added.

If I do a tcpdump interface RED1 I see traffic from a test host on the RED side, but a tcpdump on the port1 LAN interface of the XG shows no packets from the RED interface.

I have the LAN to LAN firewall rule set. 

Subnets at the 2 sites are not the same. What am I missing? 

Thanks

 



  • FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    Can you please post a snapshot of RED interface configuration?

    I'd request you to check the packet flow in CLI by running the below command.

    ==> Login to SSH > 4. Device Console

    console> tcpdump 'host <test host IP of RED network> -e

    eg: console> tcpdump 'host 192.168.168.1 -e

    -e will show you whether traffic is being tagged with VLAN ID or not.

    Click here to find more information on "How to configure a RED 60 with VLANs".

  • Hi Yash

    I think I've solved this one. I ended up using another VLAN with ID 3 on the RED side, I then added a VLAN interface with IP to the RED for this VLAN. I also used a different subnet on the RED side. DHCP is working now and I can now connect between VLAN remote site and local LAN. I don't know why VLAN with ID 2 didn't work. 

    Thanks for your help tho!
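
The `-e` check suggested in the reply above, as an added example that is not part of the original thread: this Python script reads `tcpdump -e` output and reports, per source MAC, whether frames arrive untagged or tagged with one of the expected VLAN IDs (2 and 10 from the question). The capture lines, MAC addresses and destination address are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Link-level header printed by `tcpdump -e`: time, src MAC > dst MAC, ethertype, length.
FRAME = re.compile(
    r"^\S+ (?P<smac>[0-9a-f:]{17}) > [0-9a-f:]{17}, "
    r"ethertype [^(]+\((?P<hex>0x[0-9a-f]{4})\), length \d+: (?P<rest>.*)$"
)
# An 802.1Q frame (ethertype 0x8100) continues with "vlan <id>, p <priority>, ...".
VLAN = re.compile(r"vlan (?P<vid>\d+), p \d+")

# Constructed sample output (not taken from the thread).
SAMPLE = """\
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
10:15:01.000101 02:00:00:aa:00:01 > 02:00:00:ff:00:01, ethertype 802.1Q (0x8100), length 102: vlan 2, p 0, ethertype IPv4, 192.168.168.1 > 172.16.16.10: ICMP echo request, id 7, seq 1, length 64
10:15:01.200340 02:00:00:aa:00:02 > 02:00:00:ff:00:01, ethertype IPv4 (0x0800), length 98: 192.168.168.2 > 172.16.16.10: ICMP echo request, id 9, seq 1, length 64
10:15:01.400777 02:00:00:aa:00:03 > 02:00:00:ff:00:01, ethertype 802.1Q (0x8100), length 102: vlan 3, p 0, ethertype IPv4, 192.168.169.5 > 172.16.16.10: ICMP echo request, id 4, seq 1, length 64
""".splitlines()

def parse_frame(line):
    """Return (src_mac, vlan_id) for one frame line; vlan_id is None when untagged."""
    m = FRAME.match(line.strip())
    if not m:
        return None  # banner lines and anything that is not a frame
    tag = VLAN.match(m["rest"]) if m["hex"] == "0x8100" else None
    return m["smac"], (int(tag["vid"]) if tag else None)

def check_tagging(lines, expected_vlans):
    """Map each source MAC to a verdict about the VLAN tags seen on its frames."""
    expected = set(expected_vlans)
    seen = defaultdict(set)
    for line in lines:
        parsed = parse_frame(line)
        if parsed:
            seen[parsed[0]].add(parsed[1])
    report = {}
    for mac, vids in seen.items():
        tagged = vids - {None}
        if not tagged:
            report[mac] = "untagged"
        elif None in vids:
            report[mac] = "mixed tagged/untagged"
        elif tagged <= expected:
            report[mac] = "ok"
        else:
            extra = sorted(tagged - expected)
            report[mac] = "unexpected vlan " + ",".join(map(str, extra))
    return report

if __name__ == "__main__":
    for mac, verdict in check_tagging(SAMPLE, {2, 10}).items():
        print(mac, verdict)
```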