Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 933 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG: VLAN Wifi different physical Interfaces

Sascha Benecke1

Hi,

I have 2 physical interfaces and both are lan zones. They should be separate networks. There should be no traffic between both of them.

I have 4 Sophos APs on interface A. There should be Wifi bridged into lan A.

Before I ordered switches with vlan functionality I already bridged wifi to lan A.

Now I want to have a second SSID bridged to the lan B network but how do I do that? Create vlan on interface A and a bridge with vlan and interface B? Or Create vlan on interface B and in wifi settings set the option bridge to vlan and this is enough?

Here is a picture for what I mean.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to FormerMember

    Ok, just to be clear, I don't need the vlan for the second SSID on interface A because the traffic from the second SSID is routed via the AP vlan and then bridged inside the sophos firewall to interface B? 

  • 0 in reply to FormerMember

    I added VLAN 48 to Interface B and bridged the SSID to VLAN 48. There is also DHCP for VLAN 48 but it is not working. I expect the access point wants to give traffic to the VLAN, but I have not VLAN 48 on Interface A where the access points are connected.

    If I configure VLAN 48 to Interface A also on the switches and create a bridge with VLAN 48 and Interface B I can connect to the SSID which is bridged to VLAN 48. I also got the correct ip adress but there is no traffic between the wireless devices and the wired devices on interface B. Internet is working but I can not reach any servers on interface B with a wireless device. Advanced Port Scanner was able to find the ip adress of the server and the wireless device but I can not ping or use rdp connections. Any ideas?