We just bought a Sophos XG Firewall and I ran into some problems. I'm pretty new to the Sophos universe and even to VLANs.
For testing purposes I set up two laptops on a managed Dell switch (62xx Series, Port 26 and Port 28). I connected the XG on Port 39.
The switch port configuration is as follows:
...
configure
vlan database
vlan 2247
exit
...
interface vlan 2247
name "Test"
exit
...
interface ethernet 1/g26
spanning-tree portfast
switchport access vlan 2247
lldp transmit-tlv sys-name sys-desc
exit
...
interface ethernet 1/g28
spanning-tree portfast
switchport access vlan 2247
lldp transmit-tlv sys-name sys-desc
exit
...
interface ethernet 1/g39
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 2247 tagged
lldp transmit-tlv port-desc sys-name sys-desc sys-cap
exit
...
On the XG I added a new VLAN interface on Port 1 with a new subnet, 10.20.32.1/19.
Then I created a DHCP scope for interface Port1.2247 and created a firewall rule allowing everything.
If the laptops have a static IP, they can reach the internet, the XG and the laptops themselves.
But they do not acquire an IP address through DHCP.
Am I missing something? Thank you
You could use Diagnostics > Packet Capture,
filter for port 67 and let it run.
Maybe you have an issue similar to ours (Violation Local_ACL). We have been struggling with Sophos Support for months now and they can't figure it out.
Hi, thank you for the quick reply. I got exactly the same message on the vlan interface.
As I don't have a solution for this, if you decide to open a support case I can only post my support case ID here so you can reference it.
03622604 DHCP Requests to XG and to Relay blocked by Local_ACL Violation
See my old post about that.
I have added a note to your case, asking for progress on this case.