This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Internet only VLAN (for guests/visitors......no access to the main LAN)?

I am a 20+ year IT veteran, but I am brand-new to Sophos firewalls (I am planning on standardizing my clients on them from here on out).

I have created a VLAN on my first XG firewall, but how do I configure that VLAN to only have Internet access, and have no access to the main LAN? That one last step I can't seem to figure out.

Thanks in advance for any assistance!

This thread was automatically locked due to age.

0 Keyur over 5 years ago

Hi Brian Christensen

To allow the only Internet to specific VLAN, you required LAN to WAN firewall rule and can apply content filtering and scanning as per your requirement, LAN zone or whatever custom zone name is VLAN have on the XG firewall

If there is a LAN to LAN firewall rule in the XG firewall, VLAN can communicate with other LAN, if not then they cannot see other LAN networks.
Cancel
Vote Up 0 Vote Down

Cancel
0 carbon15 over 5 years ago

I setup a new zone on the XG for a network like this and put the VLAN interface into it, that way you don't get any accidental traffic passing to your LAN (and vice versa).

That way you can just create an outgoing rule from that zone to the WAN for web traffic. You can create a new zone under the Configure > Network > Zones tab.

Regards
Cancel
Vote Up 0 Vote Down

Cancel