Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 704 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bridge interface on XG Firewall Home not working

AlessandroGr

Hello,

I have installed the Sophos XG firewall home edition to an embedded PC with 4 NIC adapters and everything works fine.
Now I switched my home phone system to a 3CX system based on a Raspberry Pi 4 and I need to allow the access to the 3CX from internet both for the Voip Trunk as for the possibility to receive the calls remotely through the app.

My internet provider gave me only 1 static IP for the connection so I have the router (FritzBox) that has the static IP configured in and the firewall that has the IP for the WAN interface in the 192.168.178.x class. I need to place the 3CX system on the same IP class of the Firewall in order to avoid the double NAT that doesn't work for the 3CX system.

For this reason I tried to create a bridge interface to connect the WAN interface to the DMZ interface for the 3CX but as soon as the interface is created all the communications with the WAN are blocked. I tried to check all the possible parameters, delete and recreate the interface several times but nothing.

From the computer in the LAN I am able to ping the bridge interface but nothing else. Also the router doesn't reply to the ping.

Do you have any ideas on how to solve the problem? Your support will be very appreciated.

Thanks in advance,
Alessandro



This thread was automatically locked due to age.
Parents
  • +1

    Hi,

    the 3cx system will only be receiving calls from your isp? If that is correct then you can place the XG in router mode, the modem in bridge mode so the XG wan interface receives the IP address assigned to you. You setup one interface for the voip box, how are your phones going to connect to it if on a seperate lan? You create initaiily one rule lan to wan with Nat for your voip box enable logging to see what ports and sites it connects and uses. Then you can refine your rule. Put it at the top of the rule list.

    ian

  • 0 in reply to rfcat_vk

    Hi Ian, I was able to implement the configuration proposed by you only few days ago due to lack of time. Everything works good now!! Thanks a lot for your support!!

    Alessandro

Reply Children
No Data