Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 38 subscribers
  • Views 6096 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP on a VLAN interface

NikolaosBeglitis

Hi,

Apparently I don't get an IP from the DHCP listening to a VLAN interface. This might be because an IP for this machine has already been leased on a different interface. I came across this about how to set the global static option on the DHCP however the commands do not seem to apply to Sophos Firewall XG 18.0.3 anymore

https://support.sophos.com/support/s/article/KB-000036032?language=en_US

Can you please advise?

Kind regards,

Nick



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to emmosophos

    Screenshots attached

    Let me ask this question first because to me it is not very clear (and it is not inline with Sophos UTM either). Say I have one Ethernet port, in this case Port3. When I add a VLAN with ID 2, the VLAN acts as a virtual interface. I can then go and set it up in terms of IP address etc. However, the physical port Port3 still seems to require an IP address. What should that address be? What VLAN is Port3 on? 1?

  • 0 in reply to NikolaosBeglitis

    In V17.5, you have to give Port3 a IP address. In V18, you can leave Port3 as it is and place a VLAN ontop on it (like UTM). 

    And no, it is not allowed to have the same Subnet range. 

    __________________________________________________________________________________________________________________

  • +1 in reply to NikolaosBeglitis

    Hello Niko,

    Since you have the same subnet in the VLAN and the interface the DHCP relay will not work. You would need to change the subnet either in the Port or in the VLAN, as Luca mentioned, in v18 you could leave the port without any IP and just put the VLAN in there with the IP 192.168.50.2 if you wanted to. 

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    Thank you everyone for your replies, much appreciated. I eventually went a different route and I abandoned VLANs from inside the firewall altogether. I virtualised the system using ESXi and I am now handling VLANs at the ESXi and switch level using trunking. All the best! 

Unfiltered HTML