NAT and wireless Network setup

Hi Lameris Davis,

you request is a bit light on for details,

1/. what type of AP is it?

2/. what applications on the internet do the users require access to?

3/. which version of XG are you running?

4/. is the XG already in place or is it replacing another device?

Ian

Client do not have a firewall or router in place. I'm going to set up the Sophos xg 115w in the office. The client uses Microsoft 365 for most of their business applications.  I'm attempting to create a small network for the client to create a stable environment.

Client do not have a firewall or router in place. I'm going to set up the Sophos xg 115w in the office. The client uses Microsoft 365 for most of their business applications.  I'm attempting to create a small network for the client to create a stable environment.

hi Lamaris,

At the top righthand corner of the XG forums there are a number of KBAs that will assist you with your further configuration requirements.

In the meantime et us start with a simple configuration to get you on the way.

1/. Assumption is the XG is licenced and you can login to it via the default IP address of 172.16.16.16 and you should receive an IP address

2/. In the network tab create a WAN interface, depends on your ISP as to type.

3/. in the network tab check the DHCP server range if is large enough for your office

4/. In the firewall rules there will probably be some default rules, I would disable those at this stage

5/. in the firewall rules create anew rule at the top, no group as follows

a) a meaningful name

b) source LAN

c) local network

d) destinationWAN

 e) any

f) any service at this stage

g) Applications - Allow all

h) IPS select generic LAN to WAN

i) save

Open the NAT TAB - there might be a default NAT rule in place which you can leave as is.

Create a WIFI AP

open the wireless tab

1/. enable by the AP (might be select)

2/. wait a minute to two until it is active

3/. create your wireless networks connect to LAN,

4/. create your SSID and add it to a wireless network. ( you will only be able o choose one WIFI band.

From here you should be able to connect to the internet and receive mail.

There are further steps to refine and improve your clients network security but at this stage this should get you going.

Ian

If the client is thinking about using a static ip, where should this information go in Sophos? WAN interface?

Hi Lamaris,

what do you mean static IP. Does his ISP assign a static IP and does it have a range? Most ISPs assign a /32 for the client device and that would go on the WAN.

Ian

Hey,

So out of the box, after the initial setup, will the firewall connect to the internet? I wasn’t able to register the device due to the device not being connected. Will the configuration listed above fix this issue? 

Hi Lemaris,

No, it will not, you will need to know the ISP connections details, eg is it a dhcp type or adsl type. If the customer is looking to use a static address then the isp would provide     all the details for you wan connection.

ian

What exactly will I need to setup to get to it working? The office is a shared office building with multiple tenants. I need to be able to set up this firewall to protect the client’s resources. I was thinking NAT also. The client needs to be able to connect endpoints via WiFi. What’s the best way to do this?

If you connect a pc to the internet connection what details do see?
ian

I didn’t actually try that while in the office. What would you do in this situation?