This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IP Allias

Hi All,

I am just entering the world of Sophos having purchased 2 XG Firewalls.

We are currently in the process of switching over from 2 firewalls (both different vendors) to our XG.

I have recently started tat this company and we have a  /16 network with no vlans or any segregation. Everything is static IP with no DHCP. Previously server traffic/other devices wasrouted via firewall A and desktop traffic was routed via firewall B. The firewall on interface X has the IP of what was Firewall B. We have migrated all rules and switched off the old Firewall B. For this everything is working fine as the gateway for desktops previously pointed at Firewall B. We are now in the process of migrating firewall A. We have done all the rules but are stuck with setting the IP. We paid for PS but have run out of time. They have said it is not possible to give the firewall the IP of Firewall A as it is in the same subnet as IP of firewall B. Is this the case? Can you not give the interface an alias as we have with the WAN interface? Or can we use another interface on the device?

If we had DHCP this wouldn't; be as much of an issue. The thought of having to change the gateway on 1000 machines or all server/IP phones/printers/CCTV is haunting me. 

Any advice is greatly welcomed. 

Kind regards,

Mark



This thread was automatically locked due to age.
  • If this isn't possible any other solutions are also welcomed. 

  • Hi Mark,

    This should be possible. I just tested this.
    Within "add interface" dialogue select "add alias".
    For network interface 192.168.0.254/24 i add the 2nd IP/alias 192.168.0.222/32
    Now booth IP's are usable as gateway.
    AND YES i select /32 (single host). This was the best practice with Sophos-SG-Firewall and seems this works with XG too.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Thanks, dirkkotta,

    That's great information. Thanks for the support.