I am just entering the world of Sophos having purchased 2 XG Firewalls.
We are currently in the process of switching over from 2 firewalls (both different vendors) to our XG.
I have recently started tat this company and we have a /16 network with no vlans or any segregation. Everything is static IP with no DHCP. Previously server traffic/other devices wasrouted via firewall A and desktop traffic was routed via firewall B. The firewall on interface X has the IP of what was Firewall B. We have migrated all rules and switched off the old Firewall B. For this everything is working fine as the gateway for desktops previously pointed at Firewall B. We are now in the process of migrating firewall A. We have done all the rules but are stuck with setting the IP. We paid for PS but have run out of time. They have said it is not possible to give the firewall the IP of Firewall A as it is in the same subnet as IP of firewall B. Is this the case? Can you not give the interface an alias as we have with the WAN interface? Or can we use another interface on the device?If we had DHCP this wouldn't; be as much of an issue. The thought of having to change the gateway on 1000 machines or all server/IP phones/printers/CCTV is haunting me. Any advice is greatly welcomed. Kind regards,
This should be possible. I just tested this.Within "add interface" dialogue select "add alias".For network interface 192.168.0.254/24 i add the 2nd IP/alias 192.168.0.222/…
If this isn't possible any other solutions are also welcomed.
This should be possible. I just tested this.Within "add interface" dialogue select "add alias".For network interface 192.168.0.254/24 i add the 2nd IP/alias 192.168.0.222/32Now booth IP's are usable as gateway.AND YES i select /32 (single host). This was the best practice with Sophos-SG-Firewall and seems this works with XG too.
Sophos Solution Partner since 2003 If a post solves your question click the 'Verify Answer' link.
That's great information. Thanks for the support.