I have a client with a SOHO. I'm using the available XG86 ports as a switch, and I created a bridge with two ports and set up a LAN-to-LAN policy, but the devices on Port 1 can't see the devices on Port 4. The XG can ping the devices with no problem. I've attached screenshots of my configuration.
Dumb question: are they both on the same network addressing scheme?
Is NAT enabled on the firewall rule? Also, does the same PC need to surf the internet?
If the firewall rule is configured correctly with no NAT and you are still facing this issue, I would suggest you take a packet capture on the destination IP address.
Run a continuous ping to the destination IP and check whether the traffic is hitting the correct firewall rule, and share the packet capture output with us.
Follow this KB article: Sophos XG Firewall: How to filter packets using packet capture
Community Support Engineer | Sophos Technical Support
My God. 13 comments and some of the worst responses I've ever seen replying to a problem. No... this doesn't work. Yes... it's supposed to. Correct, no one here obviously knows why.
Packet capture? Good Lord, come on guys.
We actually finally got this to work by unchecking the option "Enable routing on the bridge pair" on the "Bridge Interface" page!
Thanks for all the feedback.
Still not working for me after unchecking that box. I'll keep trying. Thanks.
Ended up you also need a LAN-to-LAN firewall rule. Seems a little silly. I'm not sure why this isn't allowed by default. Sophos is literally the only vendor I've ever dealt with that works this way. In any case, no "packet captures" needed. Lol.