How to configure multiple interfaces as LAN ethernet bridge (switch)

Hi, I'm new here. An IT salesperson, with only interest instead of knowledge :)

I have installed Sophos Home on an SG135 OEM appliance. Now I have defined the WAN/LAN interface on eth0 and eth1. Because the SG135 has multiple ports, I want to use the other interfaces as an Ethernet switch.

The first searches on this forum pointed me to link aggregation under the interface settings.

With this I did the following:
1. Link Aggregation Group created
2. Changed LAN interface (eth0) from Ethernet to Ethernet bridge and set the selected NICs to both the Ethernet and LAG.

After that, I have internet access on all of the selected interfaces within the LAG, just no access to other LAN devices. For this I created a firewall rule Internal LAN > Any > Internal LAN. Also without any good result.

Does anyone have a link to a topic, or a short explanation of how I can achieve this?

Thank you very much for your help in advance!



added more information
[edited by: rsl2704 at 10:11 PM (GMT -7) on 28 Aug 2021]
  • UTM is not designed to be a network switch. If you read the fine print, Bridge interfaces only pass specific Ethertypes. IPv4 is enabled by default, any others have to be itemized individually. You can do a web search for IANA Ethertypes. It is a long list, and you may struggle to know which ones you need. A real network switch will pass all Ethertypes by default.

    This is not a defect as much as a design decision. I used a UTM bridge configuration to slip my device between my internal network and my existing Internet firewall. The firewall mostly ignores traffic other than IPv4, so the default bridge configuration worked pretty well. I threw in a few other Ethertypes just to be sure, but the list was short.

    A network switch has other features like fast-pathing that help performance. UTM already tries to do a lot of things, possibly too many. Trying to be a network switch would only stretch the design and development effort in a direction that would further hinder the effort to be great at all the other features.
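One way to find out which Ethertypes a LAN segment actually carries before itemizing them on a bridge, as an added example that is not part of the thread or of any Sophos tooling. The frames are constructed samples, and the `ALLOWED` set is an assumption that mirrors the IPv4-only default described in the reply above.

```python
import struct
from collections import Counter

# Well-known EtherType values (a small subset of the IANA list)
NAMES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6",
         0x88CC: "LLDP", 0x888E: "EAPOL (802.1X)"}
VLAN_TAGS = {0x8100, 0x88A8}   # 802.1Q and 802.1ad tag protocol identifiers
ALLOWED = {0x0800}             # assumption: only IPv4 is passed, per the reply


def ethertype(frame: bytes):
    """Return the payload EtherType of a raw Ethernet frame, skipping VLAN tags.
    Returns None for truncated frames and for 802.3 length-field (LLC) frames."""
    offset = 12                          # skip destination and source MAC
    while True:
        if len(frame) < offset + 2:
            return None
        (value,) = struct.unpack_from("!H", frame, offset)
        if value in VLAN_TAGS:
            offset += 4                  # TPID (2 bytes) + TCI (2 bytes)
            continue
        return value if value >= 0x0600 else None


def inventory(frames):
    """Count EtherTypes seen and return (counts, types not in ALLOWED)."""
    counts = Counter()
    for f in frames:
        et = ethertype(f)
        if et is not None:
            counts[et] += 1
    return counts, set(counts) - ALLOWED


def mk(et_bytes: bytes) -> bytes:
    """Build a constructed sample frame: broadcast dst, made-up src, padding."""
    return b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x01" + et_bytes + b"\x00" * 46


# Constructed sample frames, not a real capture
SAMPLE = [mk(b"\x08\x00"), mk(b"\x08\x06"), mk(b"\x86\xdd"),
          mk(b"\x81\x00\x00\x0a\x08\x06"),   # ARP inside VLAN 10
          mk(b"\x00\x26"),                   # 802.3 length field, ignored
          b"\xff" * 8]                       # truncated, ignored

if __name__ == "__main__":
    counts, missing = inventory(SAMPLE)
    for et, n in sorted(counts.items()):
        flag = "not in allowed set" if et in missing else "allowed"
        print(f"0x{et:04X} {NAMES.get(et, 'unknown'):<16} {n:>3}  {flag}")
```

Feeding `inventory()` the raw frames from a capture taken on the segment gives the short list of Ethertypes to consider, instead of working through the full IANA registry.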
