One WAN Bridge and one LAN Bridge

Hello,

I am using the Sophos Firewall behind a FritzBox in my home office. The installed firmware is the latest SFOS 19.5.1 MR-1-Build278.

I have configured a LAN Bridge br01 for all devices behind the firewall. 

Now I wanted to be able to add some devices in the network between the firewall and the FritzBox.

For this I created another bridge for the WAN to have the original WAN port and two more ports in the WAN network (like a small switch, FritzBox provides addresses by DHCP). Strangely, I can add one interface in the DMZ and another one in the WAN (what could be the sense of such a configuration?), but I am not able to add more than one interface in the WAN zone.

Can this be done? If yes how?

 

Regards,
BeEf



  • Every interface has to be in a zone; in a bridge, even the member interfaces have to be in a zone.

    If you do it like that, you have to allow the traffic flowing through the bridge with a firewall rule (DMZ to WAN and, if you want, WAN to DMZ).

  • Not exactly what I want to do. It might work this way, but it prevents me from using a DMZ.

    I'd like to have it like this.

    Why can't I use a second WAN interface in my "WAN bridge"? Probably I could also use a new zone WAN2 and set up WAN to WAN2 and WAN2 to WAN. But all this makes things more complicated and less straightforward than defining a second and third WAN interface on the bridge. Is there any deeper reason why this is not possible?