I am having some trouble with my Sophos VLAN config. Long story short.
Sophos UTM -> eth6 -> vlan6,8 -> trunk port on netgear GS108t. Another port is set as U for my pc connected to the switch.
Everything works as it should meaning. I am able to set up a machine on a designated VLAN port on the switch and get a DHCP address from the Sophos (vlan6)..etc. My only concern is that I can still ping addresses from vlan6,8 to my LAN which is connected to the same switch via eth0 on the Sophos. I have explicitly denied traffic from the VLAN interface to the LAN interface but it still allows the pings..etc. ICMP tab nothing is checked. Not sure if its my sophos or something in the switch.
Edit ~ So even if I bypass the switch and connect eth6 into my ESX box set up with vswitches 6,8. I can still ping the LAN network from those vlans. Even with the denies the traffic still flows.
This thread was automatically locked due to age.
