I need help with this particular requirement. I have a Sophos XG106 as the local LAN gateway, and the WAN link is terminated on the same. I want to monitor the local LAN traffic. How can I achieve this? As per my understanding, LAN-to-LAN traffic does not come to the firewall for the same IP subnet.
Any lead on this is welcome. Thanks.
You will need to enable monitoring on your switch, e.g. send data to a logging system.
Hi Ajay Sharma1, I do agree with rfcat_vk; configuring SPAN/RSPAN on the switch side will help you to fulfill your requirement. Reference: www.geeksforgeeks.org/.../
Regards, Vishal Ranpariya, Technical Account Manager | Sophos Technical Support
Thanks Vishal_R and rfcat_vk
With OpenWRT-based access points, I was able to block LAN-to-LAN connections between Guest WiFi clients. It has a separate VLAN and zone on Sophos. Clients on the same radio cannot connect to each other with AP Isolation, while the br-netfilter package lets me filter traffic on a VLAN bridge (between both radios and the built-in switch).
But this is possible in home use. Otherwise you need to monitor on switches.