Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Replies 7 replies
  • Subscribers 39 subscribers
  • Views 2942 views
  • Users 0 members are here
Options
Suggested

How to configure a bridge?

albert cutrona

Hello!! Slight smile

In my home network, I have a mini PC with two ports running Proxmox and a virtualized Sophos Firewall Home Edition.

I have purchased a mini PC with four ports to replace the one I currently have. While I wait for it to arrive, I decided to do some testing with a VirtualBox virtual machine where I simulated a WAN port and a LAN port. The WAN port receives the IP 192.168.3.37 via DHCP, and the LAN port has the IP 172.16.16.4.

Next, I added two more virtual NICs so that in Network > Interfaces, the two new ports appear.

My intention is to use one port for the WAN and the other three for the LAN. Following the official documentation:

https://docs.sophos.com/nsg/sophos-firewall/20.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Network/Interfaces/NetworkBridgeInterfaces/index.html

I tried to create a bridge to have the three ports with the same IP 172.16.16.254, and here's a screenshot of the configuration:

When I save the configuration, I lose access to the firewall. To regain access, I have to perform a factory reset.

What am I doing wrong?

Kind regards!! Slight smile



Edited TAGs
[edited by: Raphael Alganes at 11:53 PM (GMT -7) on 2 Sep 2024]
Parents
  • 0

    Hello Albert,

    From what interface do you access the Firewall when you perform the bridge configuration?

    If you're accessing from outside the 172.16.16.x/24 network, then you're expected to lose network connectivity on your firewall since you bridge them altogether into that network scheme.

    Further, I believe that from your setup, as stated in your intention:

    albert cutrona said:
    My intention is to use one port for the WAN and the other three for the LAN

    - is possible to achieve this without configuring a LAN WAN Bridge. You may only need 1 WAN Port and LAN Interface/s (You may still, bridge the 3 LAN interface if needed on your network requirement) as I see it’s that the setup goes like:

    ISP router/Home router->Sophos Firewall Home->Network

    - and thus may not need to bridge WAN with LAN unless there's an existing setup that you do not want to change/disrupt network settings anymore but would need to put Sophos Firewall in-between.

    However, If my assumptions are incorrect. Could you please share a diagram of the setup you are trying to achieve.

    Regards,

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0 in reply to Raphael Alganes

    Hello  

    Hello,
    I keep thinking about how to solve this issue. When configuring the ports, it is essential to assign them an IP address. Is it possible to limit management access to only one LAN port?

    Kind regards!! Smile

Reply Children
Unfiltered HTML