Hi everyone…
I need help configuring Sophos XG Firewall and understanding how bridges and VLANs work on XG (if they work) and how to tag/untag VLANs…
There is a requirement for 3 separate zones, each with its own VLAN, own DHCP server and own FW/AV/IPS/Threat rules…
A switch with VLAN support is connected to one port and needs tagged VLANs from the XG. If I create VLANs on ETH1 and set the DHCP server to use those VLANs, DHCP works normally on the switch ports (depending on which VLAN is configured on the port).
Some computers/devices are also connected directly to the XG, because the XG has enough ETH ports and the switch is at another location, so they can't be connected to the switch…
How can I add ETH7 to the same PRIVATE zone (DHCP, rules)? The VLAN tag must be removed on that port because the connected device does not support VLAN tagging.
I tried to create a BRIDGE with all ETH ports and to create VLANs on that BRIDGE; the switch works OK, but the direct ports didn't work…
Zones:
The LAN zone is a »blackhole« zone without a DHCP server and without access to anything.
BRIDGE with VLANs:
That configuration works OK with the switch, which supports VLAN tagging, but not with PCs/devices connected directly to the XG ports (4, 5, 6, 7)… The devices do not receive anything from the DHCP server…
What am I doing wrong, or how can I get what I want?
Maybe this diagram will make clearer what I need:
Thanks for any help and hint.