This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bridge wlan and ethernet port on SG310

Hi All

On our SG310 I have set up a wlan (SSID: kltv) and added a dhcp server for that wlan (interface). It's working like a charm and all wireless clients are getting an ip (10.21.32.x) and can access the internet. Now I need to add a wired network (by using a new/unused ethernet port on the SG310) which shares the same subnet (10.21.32.x) as the the wlan (kltv).

I have tried to change the wlan interface from "ethernet" to "ethernet bridge" and bridge/select the wlan (kltv) and an unused eth6 NICs, but it doesn't work. Now only the eth6 wired clients get ip addresses and can access the internet. The wireless clients can't obtain an ip address anymore and therefore no network connection.
When I change the interface back to "ethernet" the wireless works again, but the wired network is gone, of course.

I think it should work by doing it this way, or am I missing something here?

I already have another wireless network (SSID: staff) set up bridged to AP LAN in "Wireless Networks" and it must stay that way. The wlan (kltv) is configured as seperate zone. I'd rather not use VLANS to solve this, if thats possible.

Can't find any posts that could help, so I hope you can lead me in the right direction.



This thread was automatically locked due to age.
  • Strange.  What do you see with: 

        cc get_objects itfhw awe_network|grep \'name

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Yes, it looks strange. My other wlan also says '0'.

    When I type cc get_objects itfhw awe_network|grep \'name, I get:

    'name' => 'wlan0 (Remote Wireless Network)',
    'name' => 'wlan2 (Remote Wireless Network)',
    'name' => 'MJS',

  • There is no wlan1.  What do you see with:

         cc get_object_by_name itfhw awe_network MJS

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I get this:

    fw01:/home/login # cc get_object_by_name itfhw awe_network MJS
    {
              'autoname' => 0,
              'class' => 'itfhw',
              'data' => {
                          'ap_bridgemode' => 'lan',
                          'bridge' => '',
                          'client_isolation' => 0,
                          'comment' => '',
                          'crypto_alg' => 'aes',
                          'description' => 'Remote Wireless Network',
                          'dot11r' => 0,
                          'dynamic_vlan' => 0,
                          'encryption_mode' => 'wpa2_enterprise',
                          'freq_bands' => 'ag',
                          'hardware' => 'wlan1',
                          'hide_ssid' => 0,
                          'interface_name' => 'wifi1',
                          'mac' => 'xxxx',
                          'mac_filter' => 'disable',
                          'mac_list' => '',
                          'mesh_id' => '',
                          'mesh_mode' => 'none',
                          'mesh_subtag' => '',
                          'name' => 'MJS',
                          'network_mode' => 'mixed_bgn',
                          'network_name' => 'MJS',
                          'psk' => '',
                          'r0kh_secret' => 'xxxxxxxxx',
                          'ssid' => 'MJS',
                          'ssid_vlantag' => '',
                          'status' => 1,
                          'time_scheduling' => 0,
                          'time_select' => [],
                          'uapsd' => 1,
                          'utf8_ssid' => 1,
                          'vlantag' => 101,
                          'wep128' => '',
                          'wep_authentication' => 'open'
                        },
              'hidden' => 0,
              'lock' => '',
              'nodel' => '',
              'ref' => 'REF_ItfAwe2',
              'type' => 'awe_network'

    I've put in the x's.

  •      ap_bridgemode' => 'lan',

    That's bridged to LAN.  What happens if you delete that wireless network and create a new one identical to it, but not bridged to the LAN?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi, BAlfson

    I really appreciate your help. That would mess up our network a little bit. Luckily it's holidays next week, so I give it a try tomorrow and see if it at least will enable me to create that ethernet bridge between eth6 and wlan2. If that is what you are suggesting.

  • Hi again

    It didn't make a difference. I even deleted all my wlans and recreated them, but I still am unable to create that ethernet bridge.

  • I hope you have started a Support case ,cause this is a strange one!

    Let's try the following commands again:

         cc get_objects itfhw awe_network|grep \'name

    and

         cc get_object_by_name itfhw awe_network ????

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • After deletion and recreation of all the wlans I get the same:

    fw01:/home/login # cc get_objects itfhw awe_network|grep \'name
                            'name' => 'wlan0 (Remote Wireless Network)',
                            'name' => 'MJS',
                            'name' => 'wlan2 (Remote Wireless Network)',

    fw01:/home/login # cc get_object_by_name itfhw awe_network
    0
    fw01:/home/login #

    I haven't started a support case yet. I am a little torn between opening a case, or doing a whole new install and configure it all from scratch and see if that helps.
    A couple of years ago I had a support case (also some wireless stuff), which they did not follow entirely through, so the problem was not 100% resolved. They did some manual changes in our UTM and access points (I don't exactly know what), and since then I have noticed some strange behaviour/bugs from time to time. So as you might have guessed, I am not entirely happy with things.

  • Hmmmm...  You're right, it might pay to get  two or 3 backups off the box and then re-image from ISO and restore.  Let us know!

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA