This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Inter-Vlan routing

Hi,

I'm looking at moving my WIFI onto its own management VLAN and need to setup VLAN routing which I thought I had working but its a bit weird now.

So I have 2 WANS on load balancing and 3 LANS.. Vlan 1 and 20/30. Sophos dishes out the DHCP on 20 and 30.

Currently my VLAN 30 uses radius for SSO so I had a rule to link VLAN 30 to the LAN 1fo rth relevant ports.. which sort of worked.

I started messing around with the ZONES and made a zone for each physical interface as I thought it would be more secure. Not sure why... I presumed tht having all the physical LANS in one zone wasnt right.

So previously setup the rule LAN > VLAN30 to LAN > VLAN30 for the relevant port but its not working now. I've currently just set it (very insecurely) to ANY ANY on that port to get it working.

How can I securely achieve this.

I really just want the VLAN to be able to access specific IPs and Ports on the LAN....needs to be 2 way too

This thread was automatically locked due to age.

0 emmosophos over 3 years ago

Hello Simcfc73,

Thank you for contacting the Sophos Community!

So it seems like you have a Firewall rule issue, as it is working with an open ANY ANY.

Probably the Source and Destination Zones are not matching the traffic. Also, confirm that you have enabled pertinent services for each Zone. (Local ACL)

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel