
ROS Sophos

Hi, 

I'm new to this equipment; I'm trying to configure VLANs between two pieces of equipment (SOPHOS -» Switch)

SOPHOS:

- WAN - DHCP from ISP router

- LAN PORT1

IP: 192.168.100.1/24 - ZONE LAN

1.10 - VLAN 10 - 192.168.10.1/24 - PORT 1 - ZONE LAN

1.20 - VLAN 20 - 192.168.20.1/24 - PORT 1 - ZONE LAN

I have DHCP configured for the physical port and each VLAN.

The firewall is configured to allow any traffic for ZONE LAN

On the switch side:

Configured port 8 (connected to sophos PORT1) as trunk tagged

port 1 as vlan 10 untagged

port 2 as vlan 20 untagged

I can't get DHCP on switchports 1 and 2, but if I manually configure an IP address on the computer's NIC I can ping the respective VLAN gateway (e.g. 192.168.10.1) and have access to the internet.

Am I missing any configuration, as I'm using router on a stick?



This thread was automatically locked due to age.
  • Hi,

    Do you have port 8 as tagged for both VLANs?
    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hi,

    Yes, I do. Both switchports (port 1 - VLAN 10 and port 2 - VLAN 20) have the same issue: they work with the respective VLAN only if I set manual IPs on the computer's NIC. I can't get DHCP for those ports/VLANs.

    The other ports aren't in use.

    Edit: on the firewall side I don't see any option to tag the VLAN. I have the VID, so I'm assuming the firewall is doing it by default.

  • Hi,

    The XG creates the VID when you create your VLANs. Does your switch support L3 VLANs? Though this shouldn't be an issue with v19.x, and you do not need an address for the physical port.

    Ian


  • Hi,

    My switch is an Aruba Instant On 1930 8-port JL680A.

    Does this configuration require L3?

  • I did a default config on the firewall, reconfigured with the same configs and now it's working... wtf

    I have created 6 VLANs, each one assigned to one of the first 6 switchports (vlan10 - swport1, vlan20 - swport2,...)

    Vlan10: 192.168.10.1

    Vlan20: 192.168.20.1

    Vlan30: 192.168.30.1

    ...

    From each VLAN I can ping the other VLANs' IP interfaces (e.g. from VLAN 30 I can ping 192.168.10.1). Can this be blocked, or is it impossible because it's a switch virtual port?

    I can ping only the svp IP and not the equipment itself on the other VLAN, so it's not doing inter-VLAN routing, and that's good. Can I also block pings to the other svp interface?

  • Hi,

    From memory, you have a firewall rule allowing all inter-LAN traffic; disable it.

    Ian


  • The inter-LAN traffic is disabled, but I can ping the other VLANs' network IP.

    I can't ping the other VLANs' equipment, but I can ping the VLAN network IP, and I want to block this too.

  • Do a tracert to see where the traffic is going?

    Ian


  • Hi,

    I configured ports 7 and 8 as a WAN LAG with LACP, and connected those interfaces to my switch on ports 7 and 8. On the switch side both ports are set as trunk with LACP enabled.

    Everything seems fine, but when I disconnect 1 of the 2 LAG cables I can see 1 packet lost when pinging 8.8.8.8. With this configured, the packet should be sent by the other interface, right?

    Why am I having this packet loss?

    I notice that with this configuration, 1 in every 10-20 pings is lost, even with 2 cables plugged in.