Thread Info
  • State Not Answered
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 1 reply
  • Subscribers 28 subscribers
  • Views 5117 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Access across subnets

RickyPetite

Goal:  Allow persons on the guest network to stream iTunes to Airport Express units connected to the main LAN network.

 

XG firewall with 3 networks:

Port1 LAN 192.168.7.1/255.255.255.0

Kids Wifi 172.16.40.1/255.255.255.0

Guest Wifi 172.16.50.1/255.255.255.0

My Sophos AP15 access points are on the main (port1 LAN) network:  192.168.7.207, 192.168.7.208.

Multiple Airport Express units used to stream music and which reside on the main LAN network:  192.168.7.201

 

I have tried to write firewall rules (both User/Network and Buisness rules) to allow traffic from the guest wifi to cross over to the main network (limited to the specific Airport Express devices) with no success.  Persons on the guest network cannot see the target Airport Express units.  Any help would be appreciated.  Thx

Rick



This thread was automatically locked due to age.
Parents
  • 0

    I'm curious about this as well. My understanding is most Apple devices/services use Bonjour (Apple's implementation of mDNS) which unfortunately is limited to the subnet it's on. However, some routers support the capability to repeat mDNS broadcasts to different subnets so if Sophos XG supports something like this, I'd imagine all we would need to do is 1) setup the mDNS broadcast and 2) create a firewall rule that allows access from the source subnet to the destination subnet. Anyways, hoping someone has a solution for this!

Reply
  • 0

    I'm curious about this as well. My understanding is most Apple devices/services use Bonjour (Apple's implementation of mDNS) which unfortunately is limited to the subnet it's on. However, some routers support the capability to repeat mDNS broadcasts to different subnets so if Sophos XG supports something like this, I'd imagine all we would need to do is 1) setup the mDNS broadcast and 2) create a firewall rule that allows access from the source subnet to the destination subnet. Anyways, hoping someone has a solution for this!

Children
No Data