Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 1 reply
  • Subscribers 40 subscribers
  • Views 164 views
  • Users 0 members are here
Options
Suggested

Transparently insert Sophos XG in a working network

AGamal

Hello,

I have a situation where my ISP installed a router and gave me a subnet ( 10.1.1.0/24 ) with the gateway being the router(10.1.1.1).

My understanding is that I need to configure an internal network (i.e 10.1.2.0/24) on the LAN side of the firewall, and on the WAN side on the firewall I should configure a route to the router (10.1.1.1)

That doesn't work for me because of some VoIP restriction.

Is there a way I can insert a firewall between the router and the devices, where the devices are on the same subnet of the router. 



Added TAGs
[edited by: Raphael Alganes at 3:03 PM (GMT -7) on 25 Jun 2024]
Parents
  • +1

    Hello,

    Thanks for reaching out to Sophos Community.

    You may try to configure a bridge interface to connect to the router ISP and your existing LAN network

    Next, Configure Bridge:

    - Go to, Network > Interfaces. Click Add Interface and then click Add Bridge

    -Then select designated interface connected to ISP router > then Zone to be configured - WAN 

    -Then select interface facing your existing network > then Zone to be configured - LAN

    -Then configure IP and netmask of Bridge interface (I just assumed 10.1.1.2 you can specify your own  or set DHCP > and Gateway: 10.1.1.1 (ISP Router) and lastly GW name:

    Configuration would look like this:

    Finally, configure a Firewall rule for LAN-> WAN Traffic and configure filtering (Web, APP, IPS, etc) as per your requirement.

    Hope this helps and thank you for choosing Sophos. 

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Reply
  • +1

    Hello,

    Thanks for reaching out to Sophos Community.

    You may try to configure a bridge interface to connect to the router ISP and your existing LAN network

    Next, Configure Bridge:

    - Go to, Network > Interfaces. Click Add Interface and then click Add Bridge

    -Then select designated interface connected to ISP router > then Zone to be configured - WAN 

    -Then select interface facing your existing network > then Zone to be configured - LAN

    -Then configure IP and netmask of Bridge interface (I just assumed 10.1.1.2 you can specify your own  or set DHCP > and Gateway: 10.1.1.1 (ISP Router) and lastly GW name:

    Configuration would look like this:

    Finally, configure a Firewall rule for LAN-> WAN Traffic and configure filtering (Web, APP, IPS, etc) as per your requirement.

    Hope this helps and thank you for choosing Sophos. 

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Children
No Data
Unfiltered HTML