This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Same Vlans on two Interfaces

Hello above is my Network diagram,

I want to have redundancy 

I have configured the switch uplinks as trunks also I have added my vlans on the first interface of sophos I'm trying to put the same vlans on the second so if switch 1 have a problem the second link will route my traffic from switch 2.

Unfortunately Sophos does't like that and I cannot add the same vlans on the second interface of sophos.

Is there any solution for having redundancy in my scenario. thx 

 

  



This thread was automatically locked due to age.
Parents
  • Hi,

    not only the XG will not like it neither will the switches because you will have a loop.

    You could try teaming the switches, but I am not sure how to configure the XG interfaces?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Isn't there any solution for active and backup link.

    For example lets say the interface 1 is my active and interface 2 is my backup.

    If interface 1 goes down the second will be active

    Or a spanning tree support in the firewall?

Reply Children
  • What you haven't said is how your users are connected to both switches? What provides the IP addresses and which switch is it connected too?

    Your approach is too simplistic, you need to consider traffic routing in your network before even worrying about internet access.

    Are all users/servers dual homed, do you have seperate IP address ranges on each switch?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • The above picture displays the basic Network.

    All the interVlan routing is implemented in sophos.

    The scenario that I want is If switch 1 (or the link with Fw) goes down all traffic of my internal network should go from interface 2 of sophos. 

    Is there any solution for that? 

  • This is not a UTM issue.  Thr only way to do redundancy is with a LAG group.   Worse yet, LAG groups on multiple switches is not supported by the standard, but it is supported by some switch vendors using proprietary methods.