Hi all, i have had a look at the Invalid Traffic page but as stated at the bottom doesnt resolve the issue, just reduces the number of logged entries My setup is as follows Core network is TPLink Omada (Manages the vlans) Sophos setup: Port1 …

TLDR - IEEE 802.1Q reserves VLAN ID 0 for a special purpose. Sophos XGS firewalls do not implement this special purpose correctly, preventing communication with some ISP Gateway modems. The request for proper implementation of VLAN ID 0 handling is being…

Hello, I've added a DHCP-Server for an interface on my XG. The interface is an RED-VLAN-Interface and ping from the switch is working. An Accesspoint connected to the switch did not get an IP-Adresse. Today we found out, that we have the same problem…

Hello all, I'm used to another known firewall vendor but I decided to give this for my home network a try since the other solution is way too expensive. My goal is to use a single link between my switch and my Sophos appliance so I do not need lots…

I have created a new vlan and dhcp on the XGS, configured the vlan on unifi wifi/switches, I am getting ip however I cannot get internet access. I don't want the vlan to access other vlans however I want computers inside the vlan to communicate with…

Hello Everyone, I am having a little configuration issue with my web server on a VLAN. All my VLANs have internet access but I can't seem to access my web server from outside my network. Can anyone post an example firewall rule from Public IP to VLAN…

Hi, my current network looks like this. This is a double NAT scenario but works quite well. Now I got a Unifi USG for testing purposes. I'd like to add it between the Sophos XG and the Unifi Switch. The Sophos should keep on managing DHCP, DNS…

Hello, we got 2 new XGS450-firewalls. Currently the configuration is blank. The firewall should manage the vlan traffic. We have 3 branches. They are connected with a cisco mpls-network. Our internet-firewall in the mpls network: Should be…

Hi, here is my setup, i have 2 VLAN ( 20 and 30 ) and both have DHCP enabled, and both have similar setting. VLAN is supposed to be used for Administration purposes and VLAN 30 for production traffic. VLAN 20 does not have access to Internet…

I have an APX320 on Port1 of an XGS. The original setup was to first bridge Port1, PortF1, and Port4 onto a bridge, LAN_Bridge, and then have the AP send three of its SSIDs down VLANs and bridge the other SSID to its LAN (LAN_Bridge). So the VLANs (LAN_Bridge…

I had our Sophos XG87 configured by our reseller when we bought it, since I knew nothing about how to do it properly. I've learned a lot and have changed quite a few things, but want to make a foundational change that will require destroying several things…

Port 1 was configured for LAN Usage VLAN 20 was added to Port 1 Port 1 was then unbound, VLAN 20 went away. Created VLAN 2 on the (unbound) Port 1 Wanted to create VLAN 20 again and add to Port 1 as well Get message " Interface name exists.…

Hello, I have a bridged interface. Port 1, 4, and 8. VLANs 1, 10. the bridge is in the LAN zone. VLAN 10 supports nearly all traffic, VLAN 1 exists for a private wifi network that allows guests/vendors to use the internet, but prevents them from…

Hello, Please some help understanding the following scenario: VLAN ID - 400 VLAN ID - 410 On the network with vlan ID 400 I can use the ip gateway from VLAN ID 410 and it works! Rules are applied correctly (from VLAN ID 400). This happens in all the…

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. ______________________________________________________________________________________________________________________________________…

Hello! We are planing micro segmentation of our server farm and thus will need a bunch of vlans in the range of 200-300, but there seems to be a limit on how many vlans can be added to a physical interface according to this kb: https://support.sophos…

Hi all, I have a huge problem with simple ping to NAS VLAN from any other VLAN. I tried almost everything and it just doesn't work. My infrastructure: Sophos firewall with NAS VLAN 2, no DHCP, Synology has fixed IP X.X.2.100 on port 2 with gateway…

Hello, Using the Sophos API (v20) ( https://docs.sophos.com/nsg/sophos-firewall/20.0/API/index.html ), authentication works whether it's a local account or an Active Directory account. However, when creating a VLAN through the API, an error occurs…

Schönen guten Abend zusammen, vielleicht könnte mir jemand weiter helfen. Testaufbau -> Setup: Virtuelle Sophos SFOS mit 8 Netzwerkschnittstellen 2x Intel-Netzwerkkarte mit jeweils 4 Ports. 1 bis 2 Aruba Instand ON 24 Port Switch ------------…

hi . i want to use the CLI to add VLAN ID to the lan interface . how can i do that ? i tried using the Device concole but i find that i can do that only for bridge interface. Thanks

Need help Sophos XG Bridge Mode in Multi Vlan Enviroment I am attempting to setup XG in bridge mode on a multi VLAN line between switch infrastructure and the main routing equipment (The trunk from the switches to the router). Based on the documentation…

Hallo, Ich habe ein kleines Problem bzw. brauche eine Idee: Wir nutzen eine SophosXG mit einem Router davor von ProviderA und haben in einem Vlan500 eine Fritzbox von ProviderB stehen (für diverse Tests ) User in Vlan1 --> 192.160.1.0/24 greifen normal…

Dear Team, We have to add two interface as a bridge - like A1 and A2 with sub interfaces (Vlan interface). Below are the configuration steps which I had created yesterday for bridge interfaces- 1. Created Zone (Common ZONE) 2. having created…

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. ______________________________________________________________________________________________________________________________________…

This issue is annoying us for years and happened today again after one year of being working. XG 430 with lag and SFOS 19.5.3 XG has several VLAN. On one VLAN a Windows DHCP Server is serving DHCP addresses. On several other VLAN configured also…