Problem with VLAN configuration SOPHOS, PROXMOX

Question

Hi. I have a problem with receiving network traffic in PROXMOX_DMZ. I want two networks to be available in this PROXMOX_DMZ: 1. DMZ NETWORK 2. DMZ VLAN 1721 My devices and the connections between them Incoming traffic to the microtik ISP -> PORT WAN/vmbr0 PROXMOX_MAIN -> PORT DMZ/vmbr2 -> PORT 4 MIKROTIK Outgoing traffic from the microtik MICROTIK PORT 3 -> PROXMOX_DMZ 
 VLAN VLAN - VLAN ID 1721: PROXMOX_DMZ: 
 auto eno1 iface eno1 inet manual 
 auto eno1.1721 iface eno1.1721 inet manual 
 auto vmbr0 iface vmbr0 inet static address 192.168.2.2/24 gateway 192.168.2.1 bridge-ports eno1 bridge-stp off bridge-fd 0 
 auto vmbr1 iface vmbr1 inet static address 172.16.0.2/24 bridge-ports eno1.1721 bridge-stp off bridge-fd 0

Prism · Answer

Hello! 
 I'm not familiar with Mikrotik switches, but one thing you're doing wrong is - don't create VLAN's interface at Proxmox, you should think a Linux Bridge = Physical Interface at Sophos-side. (And enable the option "VLAN Aware on each Linux Bridge (Interface) at Proxmox.) 
 Also, don't create OVS Ports as VLAN's, you should only use Linux Bridge and then select the desired VLAN for the VM/LXC at its own configuration, Example: 
 At last, what exactly is the issue in here? You created the VLAN, but you're not receiving traffic on the "DMZ" side? 
 EDIT : I can't answer your private message, as you haven't enabled the option in the Community to accept messages from other members.

Problem with VLAN configuration SOPHOS, PROXMOX

Top Replies