Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 38 subscribers
  • Views 9426 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Hardware (server, PPPOE, several ports bridge) and limitations

Feldunoob

Hello,

I'm currently trying to set up a lab with Sophos Home XG Firewall, i have been advised that there is some limitations on this product.
I was wondering if it could run with for example a brand new Dell R230 knowing i would use the following:

- PPPOE Client (WAN ISP)
- 5+ Bridged IPs in transparent mode (dedicated ip pool)
- IPS and IDS functionnality
- Functions used in this network: WebServer, Application Servers, Database Server.
- There maybe IGMP Snooping, specific dhclient options, for TV functions.
- Actually 100 Mbps fiber but can move to 500 Mbps fiber if needed.

Some functions described there are quite ressource hungry, and i was wondering if it goes beyond 6 GB RAM limitation.
As well i am wondering if the CPU 4 core limitation is applied to threads ? For example 4 cores, 8 threads ?



This thread was automatically locked due to age.
Parents
  • 0
    For a home user licence 5 users will not test the capacity. I can't test the 100/500mbs connection though. The IPS/IDS might test the CPU but only one core as the current version uses an older single threaded version of IPS. DHCP options you will need a standalone DHCP server, current XG (SF-OS) has very limited DHCP functionality.
    You haven't included ATP.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Hello,

    Thanks for answer, actually i'm alone on this lab but there will be more than 300 persistent connections all day (at least it's what is planned).
    I can include ATP.


    About DHCP server, it's a simple one for LAN, i'm asking about DHClient for TV to get an ip from WAN, to be more clear there is a few parameters like vlans, but it requires option 77 to be sent with DHClient to ISP's DHCP server (WAN).

    A more detailed explanation (current configuration which is working on pfsense) :

    $dhclientconf = "";
    if ($wanif == "bridge0") {
    $dhclientconf .= <<<EOD
    interface "{$wanif}" {
    timeout 60;
    retry 15;
    select-timeout 0;
    request subnet-mask, routers, ntp-servers, www-server;
    send dhcp-class-identifier "sagem";
    send dhcp-client-identifier 1:2c:xx:xx:xx:xx:xx;
    send user-class "\047FSVDSL_livebox.MLTV.softathome.Livebox3";
    initial-interval 1;
    {$dhclientconf_hostname}
    script "/sbin/dhclient-script";
    EOD;
    }

Reply
  • 0 in reply to rfcat_vk

    Hello,

    Thanks for answer, actually i'm alone on this lab but there will be more than 300 persistent connections all day (at least it's what is planned).
    I can include ATP.


    About DHCP server, it's a simple one for LAN, i'm asking about DHClient for TV to get an ip from WAN, to be more clear there is a few parameters like vlans, but it requires option 77 to be sent with DHClient to ISP's DHCP server (WAN).

    A more detailed explanation (current configuration which is working on pfsense) :

    $dhclientconf = "";
    if ($wanif == "bridge0") {
    $dhclientconf .= <<<EOD
    interface "{$wanif}" {
    timeout 60;
    retry 15;
    select-timeout 0;
    request subnet-mask, routers, ntp-servers, www-server;
    send dhcp-class-identifier "sagem";
    send dhcp-client-identifier 1:2c:xx:xx:xx:xx:xx;
    send user-class "\047FSVDSL_livebox.MLTV.softathome.Livebox3";
    initial-interval 1;
    {$dhclientconf_hostname}
    script "/sbin/dhclient-script";
    EOD;
    }

Children
No Data
Unfiltered HTML