Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Comcast Gateway Modem with Built In Wireless Model CBR2_t

Hello World.

I have a question that I already believe I know the answer to but I figured I'd ask anyway.

I have Comcast Gateway that has its own wireless built in of course. I want to firewall the wireless connectivity behind my Sophos firewall. Is this possible or will I need to purchase another wireless access point to put that wireless traffic behind my firewall. 

I've tested a bunch of configurations but of course since the wireless is part of the Comcast gateway. It's using the Comcast Gateway Egress. 

Thanks for all responses. 



Added TAGs
[edited by: Erick Jan at 12:58 AM (GMT -7) on 7 Oct 2024]
Parents Reply
  • Hello  and  

    Yes. You are correct. The Gateway is in front of the firewall. I spoke with support and the only options are either True Bridge Mode or Pass-Through Mode. From reading the differences between the two modes. Neither will allow me to define a second network for the wireless traffic traversing the gateway. Looks like my only option is to disable the wireless and either purchase another Access Point or purchase a Sophos XG(W) with built in wireless from eBay. 

    Again, thanks for all responses. 

Children
  • Hi,

     are you running a home licence or similar, the AP hardware does not work, not supported.

    You should be able to disable the wAN interface and use a LAN port to connect to the AP in the modem.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hello   

    Thanks for the heads up about the AP hardware not working. Yes, I'm running a home license. 

    Are you saying that I should be able to configure the firewall to filter the wireless traffic on the Comcast gateway just by disable the WAN interface and using the LAN port on the modem as the gateway when connected to the Sophos firewall. 

    Can you help me understand how that would work? keep in mind the comcast modem IS the internet gateway. Disabling the WAN interface will cause me to lose internet. 

    If i'm wrong please help me understand what am i missing here

    Thanks for all responses.

  • Hi,

    the idea is based the assumption that the XG can interface to your ISP connection and the ISP modem is connected to a LAN interface on your XG.

    If the XG cannot connect to the ISP connection then the idea fails.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hello   

    Its a fiber connection that has to go into the provided Comcast internet gateway first. Then I can forward all traffic to the Sophos firewall for the resources that are behind the firewall. Anything connecting directly to the gateway will be in front of the firewall. I.E. the wireless traffic connecting to the comcast gateway. So far I have not found a way to fix this part. 

    It sounds like I may just have to purchase a 3rd party Access Point.

    Again, thanks for all responses. 

  • Hi,

    can the XG process the ISP connection protocols, if so you might try a fibre to ethernet convertor?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hello   

    Unfortunately the gateway has to be connected in order to provide the internet access. I tried connecting directly but so far no luck. So as it stands it's no way for me to get the comcast gateway to sit behind the sophos firewall. 

    I will just purchase an AP and call it a day. 

    Again, thanks for all the responses.