This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

LAN Link aggregation or LAN Failover

Hi All,

We've had a core switch failure today. We used to have a Sophos UTM where it allowed us to configure LAN Aggregation. I can't seem to see this on the XG.

Is it possible, i really could do with connecting the XG to an additional core switch to protect against a failure such as what we've experienced.

thanks



This thread was automatically locked due to age.
Parents Reply Children
  • This seems* to be ok after creating the new AGG group on ports 1 & 5. I did this remotely from Sophos Central via the firewall manager.

    Before i did this i connect to the site using Sophos connect and did a few things before hand (like doing a back up).

    I've rebooted the XG and reconnected via Central. I can ping internal (LAN) pcs via the new AGG interface so i assuming all is fine?

    *That being said. I don't seem to be able to VPN back into the site via Sophos connect, and all the sophos access points are showing as "inactive". I hoping this is a central bug? :s

    I'll be on site early tomorrow just in case. Anything that could have caused this?

    I connect to the firewall via central, unbound the single LAN port (port1) and noted it's settings. Created a new AGG interface with Port 1 & 5 (both unbound) and entered the address details noted above. 

    EDIT: looking at the VPN logs on the xg. i'm getting rejected because of wrong credentials. go figure ? 

    Regards

  • Seems that there's a bug... if i set the lagg to "auto negotiate" the speed, i can't communicate to the LAN, if i set it manually to 1000 everything is fine.

    I can see all the Access points and vpn back into the site. i can now access all lan resources.

    .......that was a long night....... still better now than during production.

  • Hey ,

    Yup, that's true this has been reported bug: NC-92783.
    Work around is: change the speed settings to manually. 
    This will be fixed in the next release of the firmware i.e. SFOS 19.0.1 MR1

    Thanks & Regards,

    Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • All sorted now, up and running with a LAN LAG link. Thanks for all your input.

    Cheers

  • Cheers

    Thanks & Regards,

    Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.