
XG DHCP Server Assign IP to multiple subnets from one interface

Hello everyone. First, sorry if this is a double post, but I could only find one with a similar subject (https://community.sophos.com/xg-firewall/f/discussions/88324/xg-dhcp-server---multiple-subnets-not-local-interface-subnets) and there's not really a solution in there.

Let me explain my network first: I have multiple LANs connected to my XG Firewall (in building 1), two WANs and one virtual interface (7.200) connected to another building (building 2) via MACRO LAN. Building 2 has multiple VLANs (different from the other buildings) and all the traffic is redirected to my XG Firewall in building 1. I have an interface (which has an internal IP address to the other end) which is where I get all the traffic from there.

My question is: how can I dynamically assign an IP address to the different subnets in building 2 if I only have one interface to handle all the traffic from there? In addition, the interface does not have an IP from any of the subnets there.

Thank you for your time. I hope it was understood.

 

 



  • Hi Marcos,

    you would have to extend the VLANs back to the XG.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • There is something like DHCP relays. So you could use a DHCP server (Windows, for example) which handles all DHCP requests. And you relay all VLANs to this DHCP server.


  • Hi.

    First of all, thanks for your quick responses.

    The problem with extending the VLANs to the XG is that the VLANs of building 2 are not managed in the XG of building 1. There is a router (not manageable, provided by our ISP) that is responsible for providing the gateway to the VLANs of building 2 and sending the traffic to our XG in building 1 in case they need to access a server hosted in building 1.

    As for the DHCP relay, this is how I have it now, but it is not working. As the interface of the DHCP relay, I have the interface which is connected to building 2; however, the IP of the interface is the internal one between the 2 routers that connect the headquarters. I have other subnets configured for the DHCP relay, but they are networks directly connected to the XG via an interface.

    To give some context: in building 1 I have VLANs 10, 20, 30 (with their respective interfaces 1, 2, 3) with the subnets 20.1.10.0/24, 20.1.20.0/24 and 20.1.30.0/24, which get their IPs through relay by the XG from the server 172.16.1.0/24.
    I also have an interface (8) with IP 20.1.100.0/24, which is the one that is directly connected to building 2. In building 2, I have VLANs 10, 20, 30, with subnets 20.2.10.0/24, 20.2.20.0/24 and 20.2.30.0/4, which I want to get IPs dynamically.

    Right now, I have the DHCP relay configured for port 8, for the 172.16.1.0/24 server. Scopes on the server are created. This is not currently working.

    What am I overlooking?

    I hope it was understood. Have a nice day.

  • Hi Ian,

    What do you mean by extending the VLANs to the XG? The problem is that the gateways of the subnets that I want to assign IPs to dynamically are not managed in the XG itself, but in the router (not managed) in building 2. That router sends all the traffic from building 2 to building 1, to one single interface.

    I have a post answering Lucar. Please consult it if you want further information.

    Thank you for the help and your time.

    Have a nice day

  • Can you draw a map of your networks? Maybe with paint. Show us in a simple overview, what you are going to do. 


  • Hi again,

    Sure thing. Sorry, but I had to do it in Paint, since I am not at my workplace right now.

    https://ibb.co/ysQRvsJ

    I don't know if that's clear. Basically, like I said, I have one single interface in Sophos where all the traffic from building 2 comes in. But the XG doesn't know the subnets from building 2. There's only routing from building 2 to 1. The problem is I want to assign IPs dynamically to building 2, but I only have one interface in the XG for all the traffic from 2.

    I hope it's clear. Thank you so much for your time.

    Please tell me if you need more info.

    Have a nice day.

  • It should be said that it is not exactly how the network is set up, but I think there is what is necessary so that the problem can be understood.