Sophos XG SFOS v18 EAP3 - Bridge Mode in Multi-VLAN Environment


I am attempting to set up XG in L2 bridge mode on a multi-tagged VLAN LAG link between the switch infrastructure and the main routing firewall equipment (the trunk from the switches to the main routing firewall). It is only for trying Sophos XG security features like Synchronized Security, Sandbox, AntiMalware, Web Filter, Application Filter, and HTTPS Inspection. It is not a real production environment. How do I properly create this L2 bridge? I am not sure about zones and the assignment of tagged VLAN Sophos interfaces, or about the correct firewall rule to let DHCP requests pass the Sophos XG L2 bridge. In the end, I will only test security functions on one of the VLANs. Other VLANs should not be affected. IP addresses are assigned from the original main routing firewall, which hosts the DHCP server for all my VLANs.

I'm not successful yet...

Thank you for your help.

Radovan J.