Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 19 replies
  • Subscribers 34 subscribers
  • Views 75109 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Adding another NIC totally breaks XG Firewall and all dependent rules

Timothy Stewart

Hi.  I have been running XG firewall with 2 NICs - LAN and WAN.  I decided to add another for DMZ and it totally breaks the firewall.  All NICs get reassigned.  Port 1 LAN becomes DMZ, Port 2 WAN becomes LAN, and the newly added Port 2 becomes LAN instead of the unassigned DMZ.  This is crazy.  It wouldn't be so bad if it didn't break all of my rules the depend on Port 2 being WAN, which means when I reassign the new Port 3 to WAN the interface name changes and all business rules that depended on Port2_GW_DHCP get abandoned since this interface no longer exists.

Is this expected?  Is there a simple way to rename ports and reassign them to their old name, role, and position?  This seems like a major bug.



This thread was automatically locked due to age.
Parents
  • 0

    It seems as though this strategy may work until you reach 5 NIC's. When I add a Network Adapter from VMware, it seems to assign them in this order: 

    1. /sys/devices/pci0000:00/0000:00:15.0
    2. /sys/devices/pci0000:00/0000:00:16.0
    3. /sys/devices/pci0000:00/0000:00:17.0
    4. /sys/devices/pci0000:00/0000:00:18.0
    5. /sys/devices/pci0000:00/0000:00:15.1

    However, the XG Firewall seems to use this order:

    1. /sys/devices/pci0000:00/0000:00:15.0
    2. /sys/devices/pci0000:00/0000:00:15.1
    3. /sys/devices/pci0000:00/0000:00:16.0
    4. /sys/devices/pci0000:00/0000:00:17.0
    5. /sys/devices/pci0000:00/0000:00:18.0

    I've even attempted to add Network Adapters one by one, stopping the VM between each addition. Nothing seems to work. Any ideas?

Reply
  • 0

    It seems as though this strategy may work until you reach 5 NIC's. When I add a Network Adapter from VMware, it seems to assign them in this order: 

    1. /sys/devices/pci0000:00/0000:00:15.0
    2. /sys/devices/pci0000:00/0000:00:16.0
    3. /sys/devices/pci0000:00/0000:00:17.0
    4. /sys/devices/pci0000:00/0000:00:18.0
    5. /sys/devices/pci0000:00/0000:00:15.1

    However, the XG Firewall seems to use this order:

    1. /sys/devices/pci0000:00/0000:00:15.0
    2. /sys/devices/pci0000:00/0000:00:15.1
    3. /sys/devices/pci0000:00/0000:00:16.0
    4. /sys/devices/pci0000:00/0000:00:17.0
    5. /sys/devices/pci0000:00/0000:00:18.0

    I've even attempted to add Network Adapters one by one, stopping the VM between each addition. Nothing seems to work. Any ideas?

Children
No Data