Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 474 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

One WAN Bridge and one LAN Bridge

BeEf

Hello,

I am using the Sophos Firwall behind a FritzBox in my Home Office. The instaleld Firmware is the latest SFOS 19.5.1 MR-1-Build278.

I have configured a LAN Bridge br01 for all devices behind the firewall. 

Now I wanted to be able to add some devices in the network between the firewall and the FritzBox.

For this I created another bridge for the WAN to have the orgininal WAN Port and two more ports in the WAN network (like a small switch, FritzBox provides Adresses by DHCP.  Strangely I can add one interface in the DMZ and another one in the WAN (what could be the sense of such a configuration) but I am not able to add more than one Interface in the WAN Zone.

Can this be done? If yes how?

 

Regards,
BeEf



This thread was automatically locked due to age.

Top Replies

  • +1 suggested

    Every Interface has to be in a zone, in a bridge even the memberinterfaces have to be in a zone. 

    If you do this like that, you have to allow the traffic flowing the bridge with a firewall rule (DMZ to WAN and, if you want, WAN to DMZ). 

    Jump to answer
  • 0

    Every Interface has to be in a zone, in a bridge even the memberinterfaces have to be in a zone. 

    If you do this like that, you have to allow the traffic flowing the bridge with a firewall rule (DMZ to WAN and, if you want, WAN to DMZ). 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Not exactly what I want to do - although it might work this way but prevents me from using a DMZ.

    I'd like to have it like this.

    Why can't I use a second WAN interface in my "WAN bridge"? Probably I could also use a new zone WAN2 and setup WAN to WAN2 and WAN2 to WAN. But all this makes things more complicated and less straightforward than defining a second an third WAN interface on the bridge. Is there any deeper reason why this is not possible?