This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VLAN routing

We are trying to start with a ping to a VLAN. I have port 8 on my Sophos XG with an IP on the VLAN. That cable is going to a port on a layer 3 switch. We setup rules to go back and forth and setup routing for that network. When I hook directly into that switch with a static IP, I can ping the gateway on that network. When I am trying to ping behind the firewall, the request is unreachable. I have a ticket open with support but have no resolution as of yet. Thanks.

This thread was automatically locked due to age.

Parents

0 Jason Bristow over 3 years ago

Randy,

I'm really interested to know how you make out with this. We had a number of issues with VLANs and I feel we're still fighting problems for one customer. The problem for us is our customers firewall is a 16 hour drive from here so we can't tinker with anything too much.

In our case, support kept telling us that the issue was asymmetric routing which I don't really believe because we use routing and VLAN's with most of our customers and we've never encountered this issue with Sonicwall firewalls.

Support had us use the command line to create bypass rules which I wasn't a fan of. Here's an old example I just found: Avoid Asymmetric Routing in Cyberoam (sophos.com)

Now I'm thinking maybe I'll setup a test lab in the office tomorrow and reproduce the issue we had too.

Let me know how it goes on your end. Also, what kind of switches are you using?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Jason Bristow over 3 years ago

Randy,

I'm really interested to know how you make out with this. We had a number of issues with VLANs and I feel we're still fighting problems for one customer. The problem for us is our customers firewall is a 16 hour drive from here so we can't tinker with anything too much.

In our case, support kept telling us that the issue was asymmetric routing which I don't really believe because we use routing and VLAN's with most of our customers and we've never encountered this issue with Sonicwall firewalls.

Support had us use the command line to create bypass rules which I wasn't a fan of. Here's an old example I just found: Avoid Asymmetric Routing in Cyberoam (sophos.com)

Now I'm thinking maybe I'll setup a test lab in the office tomorrow and reproduce the issue we had too.

Let me know how it goes on your end. Also, what kind of switches are you using?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 rfcat_vk over 3 years ago in reply to Jason Bristow

hi,

have a look at the fix list in v18.0.6 and see if any address your issues.

ian
Cancel
Vote Up 0 Vote Down

Cancel
0 Jason Bristow over 3 years ago in reply to rfcat_vk
Oh man if this is the fix I'm going to be so mad that they didn't believe there was an issue when using bridging and VLAN's. We spent a good week working with support on this.

From Sophos (XG) Firewall v18 MR6 (Build 655) is Now Available - Release Notes & News - Sophos (XG) Firewall - Sophos Community

NC-72153 [Firewall] VLAN on bridge with fastpath enabled does not pass traffic

rfcat_vk thanks for reminding me to check the latest release notes. I'm going to take a backup and put that release on one of our units.

Jason
Cancel
Vote Up 0 Vote Down

Cancel