XGS 330 to Cisco switch LACP LAG


We've recently bought another Sophos Firewall and are having trouble getting it to talk with any Cisco switches over LACP.

The setup is as follows:

I've created two separate LAN-type zones called MGMT & NOACC (for no access).

Ports 5-8 are aggregated into a LAG interface linked to the NOACC zone.

I then have two VLANs running over the LAG interface (VLAN 5 and 10).

The firewall is running DHCP for VLAN 5.

VLAN 5 is in the MGMT zone, VLAN 10 is in the LAN zone.

On the switch side, I've got an EtherChannel set up on ports 25-28.

It's set up in trunking mode (dot1q) and the native VLAN is set to 1.

The switch is showing that the LACP tunnel is up successfully, as does the Sophos Firewall.

The VLAN 5 interface receives an IP from the firewall (on the switch) but otherwise no traffic will flow through the tunnel.

I've also enabled Admin HTTPS and SSH services as well as ICMP on the MGMT and LAN zones.

For the life of me I cannot figure out what is wrong.

Any help would be greatly appreciated.

Added TAGs
[edited by: emmosophos at 6:17 PM (GMT -7) on 4 Nov 2021]

Top Replies

  • Hi : Please also confirm on the XG side for both the LAG are you getting a proper count of member interface of LAG or not via the below-console command or are you getting member port info…