How to set up VLANs - terminology and process

Hello,

I'm sure this will be very simple once I understand Sophos nomenclature, but until then I'm dead in the water.

I have a very simple network setup - the Sophos UTM SG115w provides DHCP, DNS and Layer 3 routing, and a managed Cisco SG300 in layer 2 mode handles the traffic.  VLANs are assigned on the SG300 by port.

I want to set up 8 VLANs in the Sophos, including the default untagged VLAN.  Unfortunately, I already designated the desired gateway for the default VLAN as the default gateway that was AUTO CREATED DURING INSTALLATION, so it might as well be... I don't know, but it's not usable.

I started by creating a new Ethernet VLAN interface called Printers.Scanners, assigned it to interface eth0, tagged as VLAN 15, with an IP address of 1.2.3.1 and a netmask of 255.255.255.240.  Then, I go to DHCP and create a new scope, assign it to interface Printers.Scanners, and it auto-populates with an IP range from 1.2.3.1 to 1.2.3.14, with a DNS and gateway of 1.2.3.1!

Now, I know that if I want the gateway to be static, the range needs to start with .2.  So why does the Sophos start with .1?  When I go to Network Definitions, however, the scope has been "treated" properly - there are 3 entries for Printers.Scanners, address 1.2.3.1, broadcast 1.2.3.15 and network 1.2.3.0/28.  When I create the Ethernet VLAN interface, should I be checking the default GW box and listing the .1 address as the default gateway?  Because the DHCP scope automatically lists the .1 address as the default gateway and the DNS server, but the explanation for checking the default GW box in the Ethernet VLAN interface settings seems to indicate that the default GW only applies to the AUTO CREATED DURING INSTALLATION gateway.

5 of the VLANs are wireless - 4 will use the SG115 and 1 will use a non-Sophos access point.  I know that I need to bridge those 4 wireless interfaces to the default interface, eth0, but if I can't understand how to set up the wired VLANs, it's probably not a good idea to set up the bridges just yet.

Also, I'd like to aggregate eth2 with eth0 to increase LAN bandwidth, but that seems unwise as well.  Lastly, I'll be converting the HA port, eth3, to a backup WAN port.

Neither the knowledge base nor the internet explains this in a way that's understandable, and I've been on hold with customer support for over 2 hours on 3 different occasions without ever speaking to someone, so I'm lost.

Thanks in advance for your reply!



  • Hi, and welcome to the UTM Community!

    If Wayne's comment didn't help you solve your problem, please insert a picture of your 'Interfaces' tab.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks, Bob.  The overall issue was that I was attempting to do something that can't be done - assign a VLAN-type interface to a WLAN network.  I've learned that the virtual SSID interfaces function as virtual LANs.
