Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 11205 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PPPoE WAN - aargh!

JeffThompson

Is there any way to set up XG with a PPPoE WAN connection during initial "basic setup"?

 

After playing with it on a test machine, I went to install XG for real on my firewall and had to revert straight back to UTM because XG I can't see any way in "basic setup" to create a WAN interface that's PPPoE!  It won't let me go past basic setup until it's been licensed but it can't check the licence key because there's no WAN connection.

 

Omitting this would be a major boob, Sophos!  Most small business and SOHO setups have a PPPoE-based connection (VDSL etc).



This thread was automatically locked due to age.
Parents
  • 0

    Nice observation, Jeff!

    It should be possible to go for basic setup even if internet is not available.

    I am sure they will improve the activation method.

    If you have PPoE only, you have to activate the XG first using another modem/router or inside another environment and then install it in the right place once it has been activated.

    Really fustrating!

  • 0 in reply to lferrara

    That's way beyond frustrating, it's nigh on impossible unless you build XG on entirely separate hardware and connect it out via the existing UTM, or de-rack the machine and lug it across the town to use someone else's connection!  I hope it copes with being behind another firewall for that step if I do try it...

     

    Surely it's pretty easy either to hold off activation until a little later as you suggest, or else to put in the necessary work to handle PPPoE in basic setup, Sophos?  This is a really big miss in the design of XG's setup routine, makes the product a real pain for SOHO and small business.

     

    I just spotted a feature request on the "how can we improve XG?" forum for exactly this.  It's over a year old and has no response from anyone at Sophos.  POOR SHOW!

Reply
  • 0 in reply to lferrara

    That's way beyond frustrating, it's nigh on impossible unless you build XG on entirely separate hardware and connect it out via the existing UTM, or de-rack the machine and lug it across the town to use someone else's connection!  I hope it copes with being behind another firewall for that step if I do try it...

     

    Surely it's pretty easy either to hold off activation until a little later as you suggest, or else to put in the necessary work to handle PPPoE in basic setup, Sophos?  This is a really big miss in the design of XG's setup routine, makes the product a real pain for SOHO and small business.

     

    I just spotted a feature request on the "how can we improve XG?" forum for exactly this.  It's over a year old and has no response from anyone at Sophos.  POOR SHOW!

Children
  • +1 in reply to JeffThompson

    Hello all, I agree that if its going to force you to register before being able to do anything it should have all the tools.  

     

    But for whatever its worth, this is how I've always done it.  Rather than rack the appliance and plug in the ISPs cable into the WAN port, I've always just pre-configured the XG while the existing network is still in place.  What i mean by that, is just plug a cable from the network into the WAN port and get an address (Static or DHCP).  It doesn't have to be a true "WAN" connection.  As long as it has an IP (In my case an actual LAN IP) and can get out to the internet, you should be good.  So you can register it and get in and do some basic config and the last step would be to setup your WAN port and then fingers crossed you got it right :)

     

    Hope that helps in these scenarios.

     

    Thanks

     

    ~Dan~

  • 0 in reply to DMR188

    The registration process that requires internet access is something that does not help any system administrator. All the time we prefer to study the customer's environment, design and implement the configuration into LAB and then move the appliance to the customer site and do all the rest of the settings.

    The other option is to configure in parallel the XG with the existing Firewall and do all the configuration.

    In both cases, we can activate the XG.

    In the case of a new office where the rack is completely empty (only power, switch and connectivity (PPoE without the modem)) you are out!

    Saching, you should improve the activation phase quiclky. For example, it is possible to activate the XG from Sophos account but in any case the XG needs internet to contact Sophos Cloud and then it synchronizes the license. When Internet is not available, you should allow us to:

    • Register XG into Sophos Account
    • Download a license activation on our computer (where we have internet using a 4G connection for example)
    • Allow XG to use the activation file from USB instead of contacting Sophos Cloud
    • Proceed with the basic configuration

    Something like RED configuration using USB key.

    This can be implemented easily.

    Thanks