Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 27 subscribers
  • Views 5484 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VLANs behind RED

Predrag Milenkovic

Dear All,

I have "small" problem with XG230/RED50 configuration:

XG230

Port2

  • configured - WAN

Port1

  • Default address 172.16.16.16/24 in LAN zone
  • Vlan 2 and Vlan 3 are configured on Port1 also in LAN zone (Vlan2: 192.168.121.0/23, Vlan3: 192.168.122.0/24)
  • For both Vlan's DHCP servers are configured

Firewall

  • Except default rules I have added rule: (LAN zone, All networks and devices, all the time) --- ACCEPT --- (LAN zone, All networks, All services) without users matching and masquerading

RED50

  • Connected to XG230
  • Operation mode: Standard/Unified
  • Private IP address: 172.16.16.18/24 in LAN zone
  • Switchport mode: VLAN, port1 defined as trunk port with Vlan IDs 2 and 3

Behind XG230 and RED50 are L2 switches with configured trunk ports (Vlan2 and Vlan3) and access ports.

Problem is: Computers behind XG230 are getting correct IP addresses, Computers behind RED50 are not...

Where is my mistake?

Thank you in advance for your help!



This thread was automatically locked due to age.
  • 0

    Hi,

     

    Why do you need VLAN behind a RED in this setup?

    Because you need to bridge the VLAN ID 2 on XG together with the RED Interface on XG. And afterwards you would have to tag the ID on the bridge.

    And this is not possible. (Only 1 VLAN per Bridge) https://community.sophos.com/kb/en-us/123508

     

     

    Basically most of the time, you dont need the VLAN Tags on the RED Site or you have a DHCP Server on the RED Site. 

    I think your expectation is not correct. You want to have the same subnet on RED site as well XG site, correct?