This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ROS Sophos

Hi, 

I'm new with this equipments, i'm trying to configure VLANS between two equipments (SOPHOS -» Switch)

SOPHOS:

- WAN - DHCP from ISP router

- LAN PORT1

IP: 192.168.100.1/24 - ZONE LAN

1.10 - VLAN 10 - 192.168.10.1/24 - PORT 1 - ZONE LAN

1.20 - VLAN 20 - 192.168.20.1/24 - PORT 1 - ZONE LAN

Have DHCP configured for the physical port and each vlan.

The firewall is configured to allow any traffic for ZONE LAN

On the switch side:

Configured port 8 (connected to sophos PORT1) as trunk tagged

port 1 as vlan 10 untagged

port 2 as vlan 20 untagged

I cant get DHCP on the switchports 1 and 2 but if i configure manually ip address on the computers NIC i can ping the vlan respective vlan gateway (ex: 192.168.10.1) and have access the internet.

I'm missing any configuration as i'm using router on a stick?



This thread was automatically locked due to age.
Parents
  • I did a default config on the firewall, reconfigured with the same configs and now its working... wtf

    I have created 6 vlans each one assigned to the first 6 switchport (vlan10 - swport1, vlan20 - swport2,...)

    Vlan10: 192.168.10.1

    Vlan20: 192.168.20.1

    Vlan30: 192.168.30.1

    ...

    From each vlan i can ping other vlans ip interface (ex. from vlan 30 i can ping 192.168.10.1) can this be blocked or its impossivel because its a switch virtual port?

    I can ping only the svp ip and not the equipments itself on the other vlan so its not doing inter vlan routing and thats good. Can i block too pings to the other svp interface

  • Hi,

    from memory you have a firewall rule allow all inter lan traffic, disable it.

    ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • The inter lan traffic is disable but i can ping the other vlans network IP.

    I cant ping other vlans equipments but i can ping the vlan netword ip and i want to block this too.

  • Do a tracert to see where the traffic is going?

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data