VLAN firewall best-practices / Mode bridge, gateway mode

Question

Hello, 
 we got 2 new XGS450-firewalls. Currently the configuration is blank. 
 The firewall should manage the vlan traffic. 
 We have 3 branches. They are connected with a cisco mpls-network. 
 Our internet-firewall in the mpls network: 
 
 Should be the uplink-port to the mpls-cisco-router a wan port? 
 We don&rsquo;t need nating to the mpls-network. 
 
 In the branches are thinclients and printers. This devices have to connect the server vlan behind the xgs4500. 
 So i think it isn&rsquo;t a good idea to mark the uplink port as a wan port. 
 
 What is the best practices for this network design? Thank you, Thomas

Erick Jan · Answer

Hi, 
 Thank you for reaching out to Sophos Community. 
 For this kind of query, I recommend contacting your Sophos Sales Engineer / Partner or AM to further check your environment and requirements.

VLAN firewall best-practices / Mode bridge, gateway mode

Top Replies