Vlan

So I’ve been trying to figure this out and I really am struggling, and I have rung Sophos a few times and, well, been met with a quick dead tone of the phone :/

So we have our main switch, which is an HP 5400zl series switch, and our UTM, and then from the UTM to our ISP.

What I’m trying to do is create a guest WiFi on our network; our APs are managed via Sophos Central.

I have created the SSID and enabled the captive portal and have placed it in VLAN 10.

On the UTM I have created the interface 10.10.10.1 / 24 as the default gateway and placed this in VLAN 10.

On our main switch I created VLAN 10 and also enabled IP routing and added 10.10.10.0 /25 10.10.10.1 (not sure if this is the correct way or not).

I have been using another switch (it has VLAN 10 on it) with an AP and a laptop to test connectivity.

I have also created a DHCP scope so that when a client connects to the guest WiFi it will get an IP address out of the scope.

I know how to tag ports etc., but I could just do with some extra guidance if anyone could help.

Our main network is 10.25.8.0 with the default gateway for our UTM 10.25.8.2 (hence me trying to use a different interface on the UTM).

Do I need to create a static route on the UTM in order for the communication to work?

Thanks



  • Just to add: when I get the chance I will add a diagram.

  • Hello.

    Well, I'm trying to understand the problem. First, let's think of VLAN 10 as a normal kind of network, regardless of WLAN. So the first thing is to get that VLAN running with the UTM as a router. So you could just do the following:

    1. Create a network with the UTM as gateway and VLAN 10. If you use a dedicated interface at the UTM, you make this port untagged VLAN 10 on the switch.

    2. The switch does not have VLAN 10 routing. So I would not enable it. Just let the UTM do the routing.

    3. On the UTM, ensure that you have masquerading activated for VLAN 10 to WAN.

    4. Add a DHCP on the UTM for that VLAN 10.

    5. For testing, create another port on the switch with untagged VLAN 10 and connect a computer. If everything is correct, you should get an IP address from the newly created network and be able to connect to the internet (if firewall rules are applied correctly).

    If those 5 steps are successful, try to connect your access points. These access points must be connected to trunk ports at the switch if you want to use them for different VLANs and WLAN networks. But without achieving the 5 steps above first, WLAN will never work.


    Sophos Gold Partner
    4TISO GmbH, Germany
    If a post solves your question click the 'Verify Answer' link.
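
A sanity check of the addressing described in this thread, as an added example that is not part of any post: it validates a guest VLAN address plan against the design in the answer above, where the UTM is the only router for VLAN 10. The /24 mask on the main network and the DHCP pool range are assumptions (the thread gives neither), and `check_guest_plan` is a hypothetical helper name.

```python
import ipaddress

def check_guest_plan(iface, dhcp_start, dhcp_end, main_lan, switch_routes=()):
    """Return a list of problems found in a guest-VLAN address plan."""
    problems = []
    gw = ipaddress.ip_interface(iface)      # UTM VLAN interface, e.g. 10.10.10.1/24
    net = gw.network                        # network derived from address + mask
    lan = ipaddress.ip_network(main_lan)
    first = ipaddress.ip_address(dhcp_start)
    last = ipaddress.ip_address(dhcp_end)

    if gw.ip in (net.network_address, net.broadcast_address):
        problems.append(f"gateway {gw.ip} is not a usable host address in {net}")
    if net.overlaps(lan):
        problems.append(f"guest network {net} overlaps main LAN {lan}")
    if first > last or first not in net or last not in net:
        problems.append(f"DHCP pool {first}-{last} is not inside {net}")
    elif first <= gw.ip <= last:
        problems.append(f"DHCP pool {first}-{last} contains the gateway {gw.ip}")

    # Any route on the switch that covers the guest subnet means the switch is
    # taking part in routing VLAN 10, which the design leaves to the UTM alone.
    for prefix, next_hop in switch_routes:
        dest = ipaddress.ip_network(prefix)
        if dest.overlaps(net):
            problems.append(f"switch routes {dest} via {next_hop}; "
                            "the UTM should be the only router for the guest VLAN")
            if dest != net:
                problems.append(f"route prefix {dest} does not match "
                                f"interface network {net}")
    return problems

# Interface, route and main network address are the values quoted in the thread.
# Assumptions: main LAN mask /24 and the DHCP pool bounds (constructed values).
IFACE = "10.10.10.1/24"
POOL = ("10.10.10.50", "10.10.10.200")
MAIN_LAN = "10.25.8.0/24"
SWITCH_ROUTES = [("10.10.10.0/25", "10.10.10.1")]

def as_posted():
    """Plan with the static route on the switch, as in the question."""
    return check_guest_plan(IFACE, *POOL, MAIN_LAN, SWITCH_ROUTES)

def utm_routes_only():
    """Plan after step 2 of the answer: no guest route on the switch."""
    return check_guest_plan(IFACE, *POOL, MAIN_LAN)

if __name__ == "__main__":
    for label, result in (("as posted", as_posted()), ("UTM only", utm_routes_only())):
        print(label, "->", result or "no problems found")
```
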
  • I think that is where I’m going wrong: I’m trying to work out how I’m going to make the switch do the routing for the different VLANs. I will try this on Monday and let you know. Much appreciated.