Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 4 subscribers
  • Views 5818 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Vlan tagged PPPOE interface through virtualized Sophos UTM 9.4 on Hyper-V

Matt_NZ

I've recently moved from VDSL to Fiber but am having some trouble with getting the connection working.  To help visualize things, this is how my network between the UTM and fiber ONT looks:

My ISP requires that the fiber connection needs to connect with PPPOE on tagged VLAN 10.  To do this with Sophos I've unsuccessfully tried doing this two ways.

First, in Hyper-V on NIC 2 I've left the VLAN unset and in Sophos I've set the config like this:

I've also tried setting the VLAN to 10 in the Hyper-V settings for the NIC.  In both scenarios the connection doesn't work and I see these entries in the log:

2016:06:20-02:06:56 sophos-1 pppd-pppoe[13898]: Plugin rp-pppoe.so loaded.
2016:06:20-02:06:56 sophos-1 pppd-pppoe[13898]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.6
2016:06:20-02:06:56 sophos-1 pppd-pppoe[13898]: pppd 2.4.6 started by root, uid 0
2016:06:20-02:06:56 sophos-1 pppd-pppoe[13898]: Send PPPOE Discovery V1T1 PADI session 0x0 length 18
2016:06:20-02:06:56 sophos-1 pppd-pppoe[13898]:  dst ff:ff:ff:ff:ff:ff  src 0:1a:8c:f0:28:a4
2016:06:20-02:06:56 sophos-1 pppd-pppoe[13898]:  [service-name] [host-uniq  4a 36 00 00] [PPP-max-payload  05 dc]
2016:06:20-02:07:01 sophos-1 pppd-pppoe[13898]: Send PPPOE Discovery V1T1 PADI session 0x0 length 18
2016:06:20-02:07:01 sophos-1 pppd-pppoe[13898]:  dst ff:ff:ff:ff:ff:ff  src 0:1a:8c:f0:28:a4
2016:06:20-02:07:01 sophos-1 pppd-pppoe[13898]:  [service-name] [host-uniq  4a 36 00 00] [PPP-max-payload  05 dc]
2016:06:20-02:07:11 sophos-1 pppd-pppoe[13898]: Send PPPOE Discovery V1T1 PADI session 0x0 length 18
2016:06:20-02:07:11 sophos-1 pppd-pppoe[13898]:  dst ff:ff:ff:ff:ff:ff  src 0:1a:8c:f0:28:a4
2016:06:20-02:07:11 sophos-1 pppd-pppoe[13898]:  [service-name] [host-uniq  4a 36 00 00] [PPP-max-payload  05 dc]
2016:06:20-02:07:31 sophos-1 pppd-pppoe[13898]: Timeout waiting for PADO packets
2016:06:20-02:07:31 sophos-1 pppd-pppoe[13898]: Unable to complete PPPoE Discovery
2016:06:20-02:07:31 sophos-1 pppd-pppoe[13898]: Exit.

I'm fairly certain that the issue is not with either the Netgear or Cisco switches as I can plug a Mikrotik router into the same port on the Cisco switch that NIC 2 on the Hyper-V server is connected to and it can connect just fine.  So, it's either something with the way Sophos is trying to connect or the way I have Hyper-V configured but I'm not sure where exactly to look at this point.



This thread was automatically locked due to age.
Parents
  • 0

    There have been several similar threads with few answers. From what I gather, you will need to use powershell to set then vlans on the hyper-v virtual adapters, this is different from the GUI settings and not available there. I have struggled for a year to get VLANs working properly on a hyper-v hosted utm. No luck.

    My two cents... Sophos is run by a bunch of clowns who care about useless Gartmer awards and not real world results. The UTM is a bug riddled open source monster intertwined with proprietary glue code and an inept management and development team run by the corporate clowns... Find a real enterprise router/firewall and run away from these nitwits as fast as you can, while you can.

Reply
  • 0

    There have been several similar threads with few answers. From what I gather, you will need to use powershell to set then vlans on the hyper-v virtual adapters, this is different from the GUI settings and not available there. I have struggled for a year to get VLANs working properly on a hyper-v hosted utm. No luck.

    My two cents... Sophos is run by a bunch of clowns who care about useless Gartmer awards and not real world results. The UTM is a bug riddled open source monster intertwined with proprietary glue code and an inept management and development team run by the corporate clowns... Find a real enterprise router/firewall and run away from these nitwits as fast as you can, while you can.

Children
No Data
Unfiltered HTML