This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ROS Sophos

Hi, 

I'm new with this equipments, i'm trying to configure VLANS between two equipments (SOPHOS -» Switch)

SOPHOS:

- WAN - DHCP from ISP router

- LAN PORT1

IP: 192.168.100.1/24 - ZONE LAN

1.10 - VLAN 10 - 192.168.10.1/24 - PORT 1 - ZONE LAN

1.20 - VLAN 20 - 192.168.20.1/24 - PORT 1 - ZONE LAN

Have DHCP configured for the physical port and each vlan.

The firewall is configured to allow any traffic for ZONE LAN

On the switch side:

Configured port 8 (connected to sophos PORT1) as trunk tagged

port 1 as vlan 10 untagged

port 2 as vlan 20 untagged

I cant get DHCP on the switchports 1 and 2 but if i configure manually ip address on the computers NIC i can ping the vlan respective vlan gateway (ex: 192.168.10.1) and have access the internet.

I'm missing any configuration as i'm using router on a stick?



This thread was automatically locked due to age.
Parents
  • I did a default config on the firewall, reconfigured with the same configs and now its working... wtf

    I have created 6 vlans each one assigned to the first 6 switchport (vlan10 - swport1, vlan20 - swport2,...)

    Vlan10: 192.168.10.1

    Vlan20: 192.168.20.1

    Vlan30: 192.168.30.1

    ...

    From each vlan i can ping other vlans ip interface (ex. from vlan 30 i can ping 192.168.10.1) can this be blocked or its impossivel because its a switch virtual port?

    I can ping only the svp ip and not the equipments itself on the other vlan so its not doing inter vlan routing and thats good. Can i block too pings to the other svp interface

Reply
  • I did a default config on the firewall, reconfigured with the same configs and now its working... wtf

    I have created 6 vlans each one assigned to the first 6 switchport (vlan10 - swport1, vlan20 - swport2,...)

    Vlan10: 192.168.10.1

    Vlan20: 192.168.20.1

    Vlan30: 192.168.30.1

    ...

    From each vlan i can ping other vlans ip interface (ex. from vlan 30 i can ping 192.168.10.1) can this be blocked or its impossivel because its a switch virtual port?

    I can ping only the svp ip and not the equipments itself on the other vlan so its not doing inter vlan routing and thats good. Can i block too pings to the other svp interface

Children