This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VLAN Tagging the WAN interface

Good afternoon all,

As a way of introduction, I am new to Sophos. We are using CenturyLink Managed Office and they require us to VLAN tag the WAN port with VLAN 999. We currently have Cisco Meraki MX firewalls, and it is a simple affair to do this with them. However I cannot seem to get this to work in my new XG 210 firewall. I can create a VLAN 999 on port 2 (the WAN) port, but it never comes up or passes traffic to the CenturyLink router. What am I missing? Is this simply impossible? I looked at the firewall rule but nothing obvious showed up to me that would be blocking it. Thanks in advance.

This thread was automatically locked due to age.

Parents

0 Aditya Patel over 7 years ago

HI Bill,

Any reason you wanted to use VLAN on WAN interface ? , Also you could let us know the configuration on your WAN interface with the Network topology if possible.

Regards,

Aditya Patel
Global Escalation Support Engineer | Sophos Technical Support
Knowledge Base | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'This helped me' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 AJAL over 7 years ago in reply to Aditya Patel

Hi Aditya

I installed XG today the first time.

I also don't like the Interface-Management we have in the current XG Version.

Why is this not possible in the XG?

I have virtual appliance, with 10 VMXNET3 Ethernet Adapters. During the intial Setup, two of them are automatically used as LAN and WAN Ports.
By the way, the naming-order of the interfaces is not equal to the VMware naming.
Port2 (WAN) in XG is not "Ethernet Adapter 2" in VMware. This is a Linux issue/behavior I think.

However...

Now I want to change (not delete, readd) the Port2 (WAN) Interface from ETHERNET to VLAN > This is not possible!!! In the Sophos UTM, it's also possible to change the Type of Interface from Ethernet to 3G, Ethernet VLAN, Ethernet Bridge etc. I am missing this in XG.

I can add an additional VLAN-Interface to the same Port2, than set the VLAN ID. After this step, I tried to disable the TCP/IP4 Configuration for the physical Port2. I got this message:
"Continuing will delete any HTTP-based Business Application policy using this interface"

How do I replace the Port2 (WAN) created initially by Setup-Wizard to a VLAN Interface, and change all references of the WAN Interface to the new one (VLAN) ?

Thank you

AJAL
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 AJAL over 7 years ago in reply to Aditya Patel

Hi Aditya

I installed XG today the first time.

I also don't like the Interface-Management we have in the current XG Version.

Why is this not possible in the XG?

I have virtual appliance, with 10 VMXNET3 Ethernet Adapters. During the intial Setup, two of them are automatically used as LAN and WAN Ports.
By the way, the naming-order of the interfaces is not equal to the VMware naming.
Port2 (WAN) in XG is not "Ethernet Adapter 2" in VMware. This is a Linux issue/behavior I think.

However...

Now I want to change (not delete, readd) the Port2 (WAN) Interface from ETHERNET to VLAN > This is not possible!!! In the Sophos UTM, it's also possible to change the Type of Interface from Ethernet to 3G, Ethernet VLAN, Ethernet Bridge etc. I am missing this in XG.

I can add an additional VLAN-Interface to the same Port2, than set the VLAN ID. After this step, I tried to disable the TCP/IP4 Configuration for the physical Port2. I got this message:
"Continuing will delete any HTTP-based Business Application policy using this interface"

How do I replace the Port2 (WAN) created initially by Setup-Wizard to a VLAN Interface, and change all references of the WAN Interface to the new one (VLAN) ?

Thank you

AJAL
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data