Hello and Good Day Everyone, I am having one more issue with xfrm interface, at one of my BO the ISP have provided ILL on vlan interface. I've setup IPSec Tunnel with VTI / xfrm interface. the Tunnel is showing up at both ends (Ho & BO). xfrm interface…

How's it going !! Currently we have configured a Vlan with sub interfaces as in the example: That is, it is required that the network of the 172.82.11.0/24 segment has an exit through the gateway 172.82.11.1, however it goes through the default…

Hi, I have been struggling to get transparent birding to work with VLANS properly. I have two ports bridged, one as LAN and one as WAN in bridge mode. VLAN 1, which is native seems to be working ok. I have another TAGGED vlan, vlan 3, which kind…

I am struggling with getting my interfaces fully functional. I am currently configured on the Sophos as follows: Port 1: VLAN 10 - 10.10.10.1 DHCP Pool for that subnet VLAN 100 - 172.16.20.1 No DHCP (MGMT) Port 3: VLAN 20 - 10.10.20.1 …

I have several Sonoff Smart Plugs. I assigned them to VLAN, with only WAN access. Sonoff has an app, that allows LAN mode, which means I can access the devices without internet. My mobile, which is connected to internal home network, is separated from…

Everytime I create a new VLAN, I cannot receive a valid IP. Here's an example: Here's the configuration for my newly created DHCP for VLAN 130 -------------- -------------------- ---------- Sophos Router is connected to our Core…

Sanity Check: Cabling dual ISPs into separate VLANs and then plugging each one into the Sophos WAN port. Hey All, How are you doing? I wanted to reach out and ask my fellow network engineers at Sophos for a sanity check on my setup. I have a cluster…

Hi, Trying to get my RED to passthrough a local VLAN but doesn't seem to be working. Having the RED in switchport mode SWITCH obviously doesn't pass it through, however local network works perfectly. However when i change the RED to switchport mode…

Hello All This is my first time on sophos community discussion....so be nice :) We are about to migrate our firewall solutions from Cisco ASA to Sophos XGs. We are testing the new XGS firewalls before we implement them into production and I have had…

Hi All I've created a vlan on our firewall and created a zone and allowed the device access, ive created a firewall rule from the zone to the wan but i cant access the internet on that vlan, do i need to create a nat rule for this to work? (i see create…

Hi, I installed Sophos SFOS with XG18 on my 2 SG210 Appliances, becuase we need to have more then 1 DHCP-Relay. But even with Firewall XG the IPsec Site-to-Site won´t work. I configured it for 3 VLANs like mentioned here: https://docs.sophos.com…

Hello, I am attempting to VLAN guest wifi traffic. I know I have the switch configured correctly for sure. I think I am missing something in the firewall though. I have a Sophos XG330 (SFOS 18.5.1 MR-1-Build326). I have VLAN 10 in the firewall and…

In one of my previous posts , I set up several virtual interfaces on my primary F1 interface. They are both effectively a gateway IP in their respective VLANs. The rest of the devices on the network can safely reach their respective gateways(the virtual…

Hi, i am brand new to the Sophos and i have one XGS3300. He is my DHCP server and the address range is from 10.10.2.1 to 10.10.16.250 I have one 3CX phone server with 10.10.128.2 address in a VLAN. I setup the VLAN, but when i try to setup the Firewall…

Hello! My journey with the XG has started with issues... Hope this is the last (still have an issue with WAF, but hope to get help there) So - hopefully - this is the last issue I am facing, at least for now. I have the main VLAN in the LAN zone…

Hi! I have a virtual lab with VMware and GNS3. I configured Vlan 2, vlan 3, vlan 4 on Layer 3 switch. Vlan 1 is 172.16.16.10 on fastEthernet 0/15 as trunk mode. But i cannot ping to Sophos from switch. Could you help me pls? Im struggling with this problem…

Hi everyone, we created a BO and connected this site with the HO over a RED60 without VLAN tagging. So far so good :-). Now we would like to enroll some AP's in the BO with a setup similar to the HO. In the HO, we make use of Unifi HD nano AP's with…

Hi! I use Vmware Workstation integrated with GNS3 as a lab. I have a topology like this but i cannot ping to XG LAN:172.16.16.16 from vlan1 trunk:172.16.16.10 What am i doing wrong?

Hey all, this is my first post I think i am missing something and need a little guidance on how to enable access to the sophos gui on the lan side from my main PC within my current setup. The setup (see pics) Router -> Sophos XG -> Core Switch …

Hi, I have the WAN port and the LAN port with 2 VLANs on each. Since it is possible from SFOS 18 to have no IP address on physical interfaces with VLANs, I need to get rid of the "dummy" addresses, but : if I uncheck IPV4 configuration on the…

Hi everyone, we have a common setup: Huawei access switches -> Huawei Core switches -> Sophos Firewall XG. Most of the VLAN interfaces are located on the core switches, which makes it difficult to control or monitor traffic with the XG. Should…

Hi! I have an XG125 where the network of port 6 is 192.168.12.0/24 and the port 1 is 192.168.0.0/24, both in LAN zone. Port 6 has a DHCP server I've added a VLAN on port 1 (Port1.40) with IP in DHCP I've created 2 rules: 1: Source zones: LAN Source…

Hi all im searching a solution for this topic: I have made a Zone (Serverzone) and i want it to be as VLAN in Port 3 but i also want it to be in the Port 2(not as VLAN, direct) i tried to made a bridge, but then the VLAN Port didn't work, so whats…

One of our clients was trying to use a specific app and Sophos kept blocking it, so we went in and unblocked the app and all services related to it. However this didn't work so we went on to making an unrestricted VLAN network that they would only use…

I've got my Sophos XGS 136 set up nicely now except for 1 thing. Background Primary WAN is Cable with Aussie Broadband. Backup WAN is Telstra Cellular 4g Modem on failover after failure to ping 8.8.8.8 I have 3 Vlans Home Work Voip If…