XG Firewall and native Vlan 1

Hello All

This is my first time on Sophos community discussion... so be nice :)

We are about to migrate our firewall solutions from Cisco ASA to Sophos XGs. We are testing the new XGS firewalls before we implement them into production, and I have had a few strange scenarios which I raised with Sophos support. It seems that Sophos XG does not like the native VLAN 1 subnet, which is a problem as our server infrastructure is on VLAN 1... is this correct?

The network topology is a Cisco layer 3 switch with VLAN interfaces and IP routing enabled. Each subnet of our network has an SVI on the Cisco switch for the default gateway. As the servers are on VLAN 1 (not a good move, but we inherited the configuration), I have configured the XGS to be on the same VLAN 1 for the LAN port, and the port is configured as an access port. We have configured a static route on the layer 3 switch to go to the XGS LAN IP for internet traffic.

We have configured static routes on the XGS to get back to each VLAN.

For some reason each VLAN device cannot get internet access... and I have configured simple rules for HTTP/HTTPS traffic with NAT.

Any ideas?


