Sophos XG: VLAN Wifi different physical Interfaces

Hi,

I have 2 physical interfaces and both are LAN zones. They should be separate networks. There should be no traffic between the two of them.

I have 4 Sophos APs on interface A. There should be WiFi bridged into LAN A.

Before I ordered switches with VLAN functionality I already bridged WiFi to LAN A.

Now I want to have a second SSID bridged to the LAN B network, but how do I do that? Create a VLAN on interface A and a bridge with the VLAN and interface B? Or create a VLAN on interface B and, in the WiFi settings, set the option bridge to VLAN, and this is enough?

Here is a picture for what I mean.



This thread was automatically locked due to age.
  • FormerMember

    Hi,

    Thank you for reaching out to Sophos Community.

    As mentioned, you're willing to have another SSID bridged to the LAN B network. You only need to add the VLAN interface on the PortB interface and then tag the wireless network with the correct VLAN ID.

    Check more information at Bridge wireless traffic from an external Sophos access point to VLAN

  • Ok, just to be clear, I don't need the VLAN for the second SSID on interface A because the traffic from the second SSID is routed via the AP VLAN and then bridged inside the Sophos firewall to interface B?

  • I added VLAN 48 to Interface B and bridged the SSID to VLAN 48. There is also DHCP for VLAN 48 but it is not working. I expect the access point wants to give traffic to the VLAN, but I do not have VLAN 48 on Interface A, where the access points are connected.

    If I configure VLAN 48 on Interface A, and also on the switches, and create a bridge with VLAN 48 and Interface B, I can connect to the SSID which is bridged to VLAN 48. I also got the correct IP address, but there is no traffic between the wireless devices and the wired devices on interface B. Internet is working, but I cannot reach any servers on interface B with a wireless device. Advanced Port Scanner was able to find the IP address of the server and the wireless device, but I cannot ping or use RDP connections. Any ideas?