Problem of VLANs connection

Hello,
Please help.
According to the schema, I have a problem of interconnection between the virtual LANs connected to a LAN interface.
I have a Sophos XG connected directly to the Cisco switch through the LAN interface.
The IP address of the LAN interface is x.x.4.100
The IP address of the switch is x.x.4.1
The subnetworks (VLANs) to create at the Cisco level are:
x.x.4.0
x.x.1.0
x.x.3.0

The switch manages inter-VLAN routing.
At the switch level there is a default route:
0.0.0.0 0.0.0.0 x.x.4.1
At the firewall level,
the routing has been added correctly.
Example:
x.x.1.0 >> GW: x.x.4.1 >> the LAN interface
x.x.3.0 >> GW: x.x.4.1 >> the LAN interface

At the Sophos level:
> subnets communicate well with each other (x.x.4.0; x.x.1.0; x.x.3.0)

The rules added:
> rule LAN to WAN
source: LAN
net / host: x.x.4.0 - x.x.1.0 - x.x.3.0
destination: WAN
service: Any
NAT: activate MASQ

I found that the only network that connects to the WAN is x.x.4.0; the others do not.

I want to know how I can create VLANs at the LAN interface level, and which rules I need so that all VLANs can connect to the WAN.
Thank you in advance.

 

 



  • Why are you using the Cisco switch as a layer 3 router? You could easily route with XG and use the security features.

    It would only require adding VLAN interfaces on XG for each VLAN and routing everything to XG. https://community.sophos.com/kb/en-us/123127

    Did you already create all VLANs on this port?

  • Thank you a lot for your help.

    Yes, the Cisco switch is used as layer 3.

    I added just one VLAN on the LAN interface, just as a test:

    port: Port 1 "lan"

    VLAN ID: 3

    IP address: x.x.1.0   255.255.255.0

    And on the firewall rule:

    I already added a LAN to WAN rule,

    and for the source net/host I selected all VLANs,

    but it doesn't work.

    I want to know whether the way I am adding this VLAN is correct or not,

    and whether I should create a rule for each VLAN >> source LAN, net/host: VLAN 3, destination WAN ....

    Thank you in advance.
