
Some IPs in the same VLAN are not communicating

Hi

I am experiencing a very strange situation. In my network I have a number of VLANs.

Some devices in one of the VLANs are unable to communicate with the Internet. In this particular VLAN, I currently have 4 devices which are successfully communicating to the Internet (LAN to WAN). Yesterday, I added two new devices into that VLAN.

Now I am noticing that those two new devices are not communicating with the Internet. I tried to diagnose with the Sophos built-in PING and TRACE Route tools against the IP addresses of those devices from another VLAN. That was unsuccessful, but I can PING the IPs of the old devices that I have.

When I connected a computer with a static IP on that VLAN, I got an error message on the computer saying no internet. But when I use the Policy Check in the XG firewall with a common external IP (e.g. google) from the problematic IPs, it provides successful results.

Any suggestions? 

I am using an XG-115 as the firewall. I have a 24-port UNIFI switch, which is where all devices (in this particular VLAN and other VLANs) are connected.

I tested by creating a new firewall rule just mentioning the IP addresses (as source addresses) of the devices which were introduced yesterday. But nothing worked.



This thread was automatically locked due to age.
  • There are no specific settings implemented in the switch. Also, I am using the same switch to connect other devices (which are working fine) into the same VLAN. Further, all other devices (which are in different VLANs) are also connected to the same switch.

    But just for the sake of isolating the issue as you said, I have tried pre-defining the VLAN on the specific port to see whether it resolves this issue. Unfortunately, no change.

  • Hi,

    The trouble seems to be that you have two VLANs on one switch with no configuration to separate the traffic.

    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • I do have VLAN separations in the switch and they are tagged back to VLANs in the XG115. Please note that I was using the same for the last 1.5 hrs without any issues. Refer to the diagram below.

  • Sorry, I misunderstood your post about the switch.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Hello there,

    Thank you for the follow-up.

    I would recommend doing a tcpdump on the XG with the IP of this device to see if the XG is seeing the traffic arriving at it. From the advanced shell (5>3), run:

    tcpdump -eni Port1.xx host x.x.x.x

    Where the .xx would be the VLAN ID, for example Port1.50, and x.x.x.x would be the IP of the device, for example 172.16.50.100.

    If you don't see traffic arriving at the device, most likely your switch is blocking the traffic or is misconfigured.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    If a post solves your question use the 'Verify Answer' link.
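
Added example, not part of the thread and not Sophos tooling: a shell helper that reads the text output of the `tcpdump -eni Port1.xx host x.x.x.x` command suggested above and reports whether any frame sourced from the device shows up on the firewall's VLAN interface. The function name, the verdict strings, the MAC addresses and the sample capture lines are constructed for illustration; 172.16.50.100 is the example address from the reply.

```shell
#!/bin/sh
# classify_capture HOST  (hypothetical helper, not a Sophos command)
# Reads `tcpdump -eni <iface> host HOST` text on stdin and prints which
# directions of traffic for HOST appear in the capture.
classify_capture() {
    awk -v host="$1" '
    function ip4(s,   o) {   # "a.b.c.d.port:" or "a.b.c.d," -> "a.b.c.d"
        gsub(/[,:]/, "", s); split(s, o, "[.]")
        return o[1] "." o[2] "." o[3] "." o[4]
    }
    {
        # With -e the link-level header ends at the first "length N: ".
        if (!match($0, /length [0-9]+: /)) next
        n = split(substr($0, RSTART + RLENGTH), f, " ")
        src = ""
        if ($0 ~ /ethertype ARP/) {
            # "Request who-has A tell B, ..." or "Reply B is-at MAC, ..."
            if (f[1] == "Reply") src = ip4(f[2])
            for (i = 1; i < n; i++) if (f[i] == "tell") src = ip4(f[i + 1])
        } else if ($0 ~ /ethertype IPv4/) {
            src = ip4(f[1])  # "SRC[.port] > DST[.port]: ..."
        } else next
        if (src == host) from_host++; else to_host++
    }
    END {
        if (from_host && to_host) print "two-way"
        else if (from_host)       print "host-seen-no-replies"
        else if (to_host)         print "nothing-from-host"  # check switch port / VLAN tagging
        else                      print "no-frames"
    }'
}

# Constructed sample: the device ARPs for its gateway and the firewall answers.
SAMPLE_TWO_WAY='10:00:00.000001 00:11:22:33:44:55 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.16.50.1 tell 172.16.50.100, length 46
10:00:00.000200 aa:bb:cc:dd:ee:01 > 00:11:22:33:44:55, ethertype ARP (0x0806), length 42: Reply 172.16.50.1 is-at aa:bb:cc:dd:ee:01, length 28
10:00:00.001000 00:11:22:33:44:55 > aa:bb:cc:dd:ee:01, ethertype IPv4 (0x0800), length 98: 172.16.50.100 > 8.8.8.8: ICMP echo request, id 1, seq 1, length 64'

# Constructed sample: the firewall keeps ARPing for the device and nothing comes back.
SAMPLE_UNANSWERED='10:00:05.000000 aa:bb:cc:dd:ee:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 172.16.50.100 tell 172.16.50.1, length 28
10:00:06.000000 aa:bb:cc:dd:ee:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 172.16.50.100 tell 172.16.50.1, length 28'

printf '%s\n' "$SAMPLE_TWO_WAY"   | classify_capture 172.16.50.100
printf '%s\n' "$SAMPLE_UNANSWERED" | classify_capture 172.16.50.100
```

On a live box the capture would be piped in instead of the samples, for example by adding `-l -c 50` to the tcpdump command so it stops after 50 packets.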