Hello!!
In my home network, I have a mini PC with two ports running Proxmox and a virtualized Sophos Firewall Home Edition.
I have purchased a mini PC with four ports to replace the one I currently have. While I wait for it to arrive, I decided to do some testing with a VirtualBox virtual machine where I simulated a WAN port and a LAN port. The WAN port receives the IP 192.168.3.37 via DHCP, and the LAN port has the IP 172.16.16.4.
Next, I added two more virtual NICs so that in Network > Interfaces, the two new ports appear.
My intention is to use one port for the WAN and the other three for the LAN. Following the official documentation:
I tried to create a bridge to have the three ports with the same IP 172.16.16.254, and here's a screenshot of the configuration:
When I save the configuration, I lose access to the firewall. To regain access, I have to perform a factory reset.
What am I doing wrong?
Kind regards!!
Hi Albert,
Once you save this configuration, what IP address of the firewall do you type in to access it? You mentioned that the LAN IP was 172.16.16.4, and your configuration indicates that it's 172.16.16.254.
Try accessing the firewall through the configured IP of 172.16.16.254, and let us know if it works.
Hello Albert,
From which interface do you access the firewall when you perform the bridge configuration?
If you're accessing from outside the 172.16.16.x/24 network, then you're expected to lose network connectivity to your firewall, since you bridge the ports all together into that network scheme.
Further, I believe that from your setup, as stated in your intention:
My intention is to use one port for the WAN and the other three for the LAN
- it is possible to achieve this without configuring a LAN-WAN bridge. You may only need one WAN port and LAN interface(s) (you may still bridge the three LAN interfaces if your network requires it), as I see that the setup goes like:
ISP router/Home router->Sophos Firewall Home->Network
- and thus you may not need to bridge WAN with LAN, unless there's an existing setup whose network settings you do not want to change/disrupt anymore but would need to put Sophos Firewall in between.
However, if my assumptions are incorrect, could you please share a diagram of the setup you are trying to achieve?
Regards,
Raphael Alganes
Global Community Engineer, Support & Services
Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question, please use the 'Verify Answer' button.
The award-winning home for Sophos Support videos! - Visit Sophos Techvids
Hello Raphael, thank you very much for your help!!
Raphael Alganes said:
"- is possible to achieve this without configuring a LAN WAN Bridge. You may only need 1 WAN Port and LAN Interface/s (You may still, bridge the 3 LAN interface if needed on your network requirement) as I see it's that the setup goes like:"
- Port 1: 172.16.16.4/24
- Port 2: 172.16.16.5/24
- Port 3: 172.16.16.6/24
If this is so, I have to say that I have already tested it and, obviously, it works. But then I can access the firewall management from three different IPs, and I don't know if that is correct.
This is the diagram of what I want to achieve on production, the same as what I have now but with two extra ports to serve the LAN:
This is an exact photo of the equipment I bought:
On this mini PC I will install Proxmox, and it will only be used to run the virtualized Sophos. I want to make it clear that I do these tests in a virtual environment, so I can make sure that when I go into production everything will go well.
Kind regards!!
Hello Raphael Alganes,
I keep thinking about how to solve this issue. When configuring the ports, it is essential to assign them an IP address. Is it possible to limit management access to only one LAN port?
Kind regards!!
Hello Albert,
You can instead limit those who can access the device using Local Service ACL: https://docs.sophos.com/nsg/sophos-firewall/20.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/Administration/DeviceAccess/index.html
Best Practices to manage SF: https://docs.sophos.com/nsg/sophos-firewall/20.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/Administration/DeviceAccess/DeviceAccessBestPractices/index.html
Hope this helps.
Regards,
Raphael Alganes
Global Community Engineer, Support & Services
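An added example, not from this thread or from Sophos, that models the two points Raphael makes: after a reconfiguration, an admin host keeps management access only if it sits on the subnet of an interface whose zone the Local Service ACL opens for that service. The interface names, the "Internal2" zone, the admin addresses and the ACL table are constructed to mirror the setup described above.

```python
from ipaddress import ip_address, ip_interface

# Constructed model of the setup before the change: (interface, zone, address/prefix).
BEFORE = [
    ("Port1", "LAN", "172.16.16.4/24"),
    ("Port2", "WAN", "192.168.3.37/24"),
]

# Constructed model after the change: one WAN port, three ports in 172.16.16.0/24.
# Only Port1 is in the zone that the local service ACL opens for administration;
# the extra LAN-side ports are placed in a custom zone ("Internal2", assumed name).
AFTER = [
    ("Port1", "LAN", "172.16.16.254/24"),
    ("Port2", "WAN", "192.168.3.37/24"),
    ("Port3", "Internal2", "172.16.16.5/24"),
    ("Port4", "Internal2", "172.16.16.6/24"),
]

# Local service ACL model (constructed): zone -> admin services allowed from it.
ACL = {"LAN": {"HTTPS", "SSH"}, "WAN": set(), "Internal2": set()}


def admin_entry_points(admin_host, interfaces, acl, service="HTTPS"):
    """Return (interface, ip) pairs through which admin_host can reach `service`.

    An interface qualifies only if the admin host is on its subnet (reachable
    without routing) AND the interface's zone permits the service in the ACL.
    An empty list means the admin would be locked out after the change.
    """
    host = ip_address(admin_host)
    hits = []
    for name, zone, cidr in interfaces:
        iface = ip_interface(cidr)
        if host in iface.network and service in acl.get(zone, set()):
            hits.append((name, str(iface.ip)))
    return hits


if __name__ == "__main__":
    for who in ("172.16.16.50", "192.168.3.10"):
        print(who, "before:", admin_entry_points(who, BEFORE, ACL))
        print(who, "after: ", admin_entry_points(who, AFTER, ACL))
```

Running it shows that a LAN-side admin host keeps exactly one management entry point (Port1, now at 172.16.16.254) even though three ports share the subnet, while a host on the WAN side has none.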
Hello Raphael Alganes !!
Raphael Alganes said:
"You can instead limit those who can access the device using Local Service ACL"
As you suggest, this way I can limit access to the device from certain interfaces:
That's an acceptable solution to my original question, configuring three ports in the same subnet.
I have to say that, after playing with the VM, I've realized that bridge interfaces only work with the ones that don't have the gateway of the DHCP.
Thank you very much for your help and kind regards!!
Hello Albert,
Thank you for taking the time to update us. We're glad we can help with your concern.
Have a nice day and thank you for choosing Sophos.
Regards,
Raphael Alganes
Global Community Engineer, Support & Services