This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Firewall New Deployment - No Internet Access

I have a new deployment for sop[hos xg firewall on a 1ru appliance server.

I can't seem to get the internet on the Sophos firewall.

effectively I need the firewall to act as local router, issue dhcp on local subnet and be able to block various outbound traffic to games and vpn for kids at home.

I have a Sophos home use license, but unable to activate either.

below is the setup I have, current [pfsense, which works fine, no issue with isp or internet], and when I setup for Sophos as on right, I can't get internet working]

I have verified from ISP, there are no locks to mac addresses.

Would really appreciate any assistance.  



This thread was automatically locked due to age.
Parents Reply
  • Wondering: The modem you are using: Did you do a tcpdump on WAN? Maybe the modem is using a MAC locking, therefore if you change the appliance, it will not answer to the ARP anymore. 

    __________________________________________________________________________________________________________________

Children
  • It's a straight ont fibre to copper device, simple power off/on, does the trick. I tried plugging in the fritzbox and another router, and it gets the ip successfully [which is a static allocation from ISP]

  • What about the packet capture? Did you do this? 

    __________________________________________________________________________________________________________________

  • No, i haven't, I'll try tomorrow, as I have sourced a 4port intel PRO/1000 PT, as I'm leaning towards onboard nics being the issue.

    also, not sure where to do the packet capture from?

  • You can do a general packet capture from the SFOS webadmin under Diagnostic.

    Then check if you see any kind of packets and what kind of packets on which ports. 

    BTW: If you check for the IP: Check if your interface is actually connected or not. If it is unplugged, you might use the wrong interface on SFOS: 

    __________________________________________________________________________________________________________________

  • I have added a 4port Intel network card, and not using the onboard nics.

    I can now get wan via dhcp, and works fine. 

    Now i need to figure out, why it wouldn't work without a nat rule. any hints will be highly appreciated. thanks,