Passive mode for home?

I'm trying to understand the best way to configure the firewall so it can see what's going on and alert me, but not get in the way, and avoid any changes to my network.

I have a Ubiquiti USG as the gateway device that feeds an 8 port switch. I thought I could either mirror the USG port or make the firewall the default gateway and then route through it to the USG. I have 2 spare ports and don't want to interfere too much with my setup, just see what's going on. 

I tried to mirror a port on the switch but I lost access to the firewall once I did this.

Can I have one port on the switch mirrored to one firewall port and then another port just so I can look at the results?

Any suggestions welcome. Newb here.



This thread was automatically locked due to age.
  • Hello,

    The alternative is to use XG in "Bridge mode", even then you will lose some functionalities.

    Depending on how your network is currently set up, putting the XG in front as the main router/firewall would be the best option.

  • If I put it in bridge mode do I just need to connect 2 interfaces? I was thinking this way, it only sees the traffic to the XG. If I mirror the port with all the traffic to the Internet will that be better?

  • I recommend you read the link I just sent in the last message. The firewall will sit in the middle of your network, and yes, you will need to connect both interfaces.

    Also, I don't recommend running the XG in bridge mode at home at all; it will cause unnecessary headaches for you since you're new to it. (It won't be a good learning experience.)

    If you can, use the XG as your main firewall/router. It has much more useful functionality than the USG.

  • I'm having another go at setting the XG up. I started in bridge mode; my USG PSU failed, so while I investigate that, I have put the XG in between my ISP router and the Unifi switch. It seemed to work well, but what I hadn't spotted is that it was blocking a few applications. Surely in bridge mode, the default settings should just alert me, not block things. Also, if it does block things, I see nothing to show this, so I have no choice but to remove it until I can find some softer settings. Can you point me at a minimal setup to allow things through so I can lock down from there?

    I'm running a thread in parallel to this, as someone had suggested I follow the example of how to unblock my Ring doorbell, but this seems to refer to when I have SSL/TLS decryption set and I don't think I have.

    regards

    Ted
