LAN / VLAN SWITCH CORE (CISCO) WITH FIREWALL SOPHOS

RE: LAN / VLAN SWITCH CORE (CISCO) WITH FIREWALL SOPHOS

Rodolfo Flores — Tue, 07 Dec 2021 21:41:30 GMT

Thanks for answering the sw core I use it for my LAN network where I have declared the vlan interfaces of each one I am only placing a static route in the cisco 0.0.0.0.0 0.0.0.0 172.16.1 which is the IP of Sophos in summary I want that the vlan go to the internet.

RE: LAN / VLAN SWITCH CORE (CISCO) WITH FIREWALL SOPHOS

PhilippRusch — Tue, 07 Dec 2021 20:09:27 GMT

Hola Rodolfo,

I think you are using that cisco switch as your default gateway for all of your (internal) VLAN's, right?

If you now add a firewall to that network, that system either has to be the new "default gateway" for all of your networks OR the firewall-system "has to know" about all these other networks. This would mean to add static routes on the firewall with the cisco as gateway. I suppose these "other" networks can only be reached through the cisco-gateway. That would need one (untagged) VLAN uplink to the Sophos firewall system and then doing IP-routing from there.

Second way:

If you would like the Sophos firewall to be part in all these VLAN networks, you need to setup a trunk from the cisco to the firewall-port and then you have to define the ethernet-vlans on that physical port on the Sophos as well. Then you shouldn't do the routing on the cisco anymore, instead use the Sophos as default gateway.

RE: LAN / VLAN SWITCH CORE (CISCO) WITH FIREWALL SOPHOS

Rodolfo Flores — Tue, 07 Dec 2021 16:22:05 GMT

RE: LAN / VLAN SWITCH CORE (CISCO) WITH FIREWALL SOPHOS

BAlfson — Sun, 05 Dec 2021 19:05:12 GMT

¡Hola! Rodolfo and welcome to the UTM Community!

Please insert a picture of the Edit of the UTM Interface definition for the port connected to your switch.

Cheers - Bob