Hi I'm new here. An IT sales person, with only interest instead of knowledge :)
I have installed Sophos Home on an SG135 OEM appliance. Now I have defined the WAN/LAN interface on eth0 and eth1. Because the SG135 has multiple ports, I want to use the other interfaces as an Ethernet switch.
The first searches on this forum pointed me to link aggregation under the interface settings.
With this I did the following:
1. Link Aggregation Group created
2. Changed LAN interface (eth0) from Ethernet to Ethernet bridge and set the selected NICs to both the Ethernet and LAG.
After that, I have internet access on all of the selected interfaces within the LAG, just no access to other LAN devices. For this I created a firewall rule Internal LAN > Any > Internal LAN. Also without any good result.
Does anyone have a link to a topic, or a short explanation how I can achieve this?
Thank you very much for your help in advance!
Hoi and welcome to the UTM Community!
I'm a visual-tactile learner, so it would help to "see" what you have. Please insert pictures of the Edits of the LAG and the firewall rule. Also a picture of the 'Interface' tab.
Cheers - Bob
Hi Bob, thanks for your reply.
Please see the screenshots in the URL below.
Do you need more information?
SG115 USING LEFT PORTS AS A SWITCH - General Discussion - UTM Firewall - Sophos Community
Recommended not to do this.
UTM - 9.707 | Intel i3-4150 4th Gen Processor 16GB Memory | 500GB SATA HDD | GB Ethernet x5
Please Edit your post, and insert your images into the post. We can't know if that external site is properly protected. The only malware I've gotten in over 10+ years was from an external link to a picture in this forum over 5 years ago. Thanks in advance!
UTM is not designed to be a network switch. If you read the fine print, Bridge interfaces only pass specific Ethertypes. IPv4 is enabled by default, any others have to be itemized individually. You can do a web search for IANA Ethertypes. It is a long list, and you may struggle to know which ones you need. A real network switch will pass all Ethertypes by default.
This is not a defect as much as a design decision. I used a UTM bridge configuration to slip my device between my internal network and my existing Internet firewall. The firewall mostly ignores traffic other than IPv4, so the default bridge configuration worked pretty well. I threw in a few other Ethertypes just to be sure, but the list was short.
A network switch has other features like fast-pathing that help performance. UTM already tries to do a lot of things, possibly too many. Trying to be a network switch would only stretch the design and development effort in a direction that would further hinder the effort to be great at all the other features.
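Added example, not part of any post in this thread and not Sophos code: one way to find out which Ethertypes a LAN segment actually carries before itemizing them on a bridge. It models only the rule stated above (frames whose Ethertype is not on the list are not passed) with IPv4 as the sole default entry. The function names, the small label table and the sample frames are constructed for illustration.

```python
import struct
from collections import Counter

# Small subset of the IANA EtherType registry, used only for labelling.
ETHERTYPE_NAMES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x88CC: "LLDP"}
VLAN_TAGS = {0x8100, 0x88A8}  # 802.1Q / 802.1ad tags sit in front of the real EtherType

def ethertype(frame: bytes):
    """Return the payload EtherType, or None when the field is an 802.3 length."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset = 12  # skip destination and source MAC addresses
    (value,) = struct.unpack_from("!H", frame, offset)
    while value in VLAN_TAGS:  # step over each 4-byte VLAN tag
        offset += 4
        if len(frame) < offset + 2:
            raise ValueError("truncated VLAN tag")
        (value,) = struct.unpack_from("!H", frame, offset)
    return value if value >= 0x0600 else None  # below 0x0600 it is a length

def outside_allowlist(frames, allowed=frozenset({0x0800})):
    """Count frames per EtherType that an allowlist-only bridge would not pass."""
    counts = Counter()
    for frame in frames:
        et = ethertype(frame)
        if et not in allowed:
            label = "802.3 length/LLC" if et is None else ETHERTYPE_NAMES.get(et, f"0x{et:04x}")
            counts[label] += 1
    return counts

def _frame(type_bytes: bytes) -> bytes:
    # Constructed frame: broadcast destination, locally administered source, zero padding.
    return bytes.fromhex("ffffffffffff020000000001") + type_bytes + b"\x00" * 46

SAMPLE = [  # constructed sample traffic, not a real capture
    _frame(b"\x08\x00"),                  # IPv4
    _frame(b"\x08\x06"),                  # ARP
    _frame(b"\x86\xdd"),                  # IPv6
    _frame(b"\x81\x00\x00\x0a\x08\x00"),  # IPv4 inside VLAN 10
    _frame(b"\x00\x26"),                  # 802.3 length field (LLC framing)
    _frame(b"\x88\xcc"),                  # LLDP
]

if __name__ == "__main__":
    for label, n in outside_allowlist(SAMPLE).items():
        print(f"{label}: {n}")
```

Feeding it raw frames from a capture taken on the LAN side gives the short list of Ethertypes to consider adding, instead of working through the whole IANA registry.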