
XG - limiting traffic from one VLAN to another

My setup has 2 VLANs - Main and IoT, using Sophos XG as DHCP and gateway.  I'm able to allow traffic between the 2 VLANs by adding a firewall rule of

               LAN Any host Any service to LAN Any host Any service.  

What I'm trying to do is to only allow traffic initiated from Main -> IoT VLAN but not the other way round.  I tried 

                LAN #Port1.77 Any service to LAN #Port1.44 Any service.       (VLAN 77 is Main and 44 is IoT)

but this won't work.  No traffic is allowed to flow.  

Is what I'm trying to accomplish possible with XG?



  • Change your #LANport to the network ID of the LAN; you will create this in Hosts and services - IP host, based on the full IP address range of the interface. The #LANPort is only one address, as you will see when you look at Hosts and services - IP host.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.
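
The effect described in the answer above, as an added example that is not part of the original posts: a toy default-drop, stateful rule matcher showing why a rule built on the interface host objects matches no client traffic, while the same rule built on network objects allows Main -> IoT only. The addresses, the `ToyFirewall` class and the `run` helper are constructed for illustration and are not Sophos code.

```python
import ipaddress

# Constructed addressing, not from the thread: VLAN 77 = Main, VLAN 44 = IoT.
PORT1_77 = "192.168.77.1/32"   # interface host object: the gateway address only
PORT1_44 = "192.168.44.1/32"
MAIN_NET = "192.168.77.0/24"   # IP host objects of type Network
IOT_NET = "192.168.44.0/24"


class ToyFirewall:
    """Default-drop, stateful rule matcher (hypothetical model, not Sophos code)."""

    def __init__(self, rules):
        # Each rule is (source object, destination object), any service.
        self.rules = [(ipaddress.ip_network(s), ipaddress.ip_network(d))
                      for s, d in rules]
        self.established = set()

    def allows(self, src, dst):
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # Replies to a connection that was already permitted pass without
        # needing a rule in the reverse direction.
        if (d, s) in self.established:
            return True
        for rule_src, rule_dst in self.rules:
            if s in rule_src and d in rule_dst:
                self.established.add((s, d))
                return True
        return False  # no rule matched: dropped


def run(rules):
    fw = ToyFirewall(rules)
    laptop, camera = "192.168.77.20", "192.168.44.50"  # constructed clients
    return {
        "main_to_iot": fw.allows(laptop, camera),
        "iot_reply": fw.allows(camera, laptop),
        "iot_initiates": fw.allows(camera, "192.168.77.21"),
    }


if __name__ == "__main__":
    print("interface host objects:", run([(PORT1_77, PORT1_44)]))
    print("network objects:       ", run([(MAIN_NET, IOT_NET)]))
```
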
