DHCP hosts are unable to communicate with static ip hosts

Question

Hello, 
 
 I am using sophos xg SFVH (SFOS 16.05.0 RC-1). The clients that were assigned an ip address by the sophos DHCP server are unable to communicate with clients that I created statically. For example, my DHCP server has a range from 100 to 200. The clients with IP addresses that I assigned below 100 are not able to communicate with those that are between 100-200. Is there a missing firewall rule? 
 Thank you.

hjherron6 · Accepted Answer

Hi Igor, 
 Traffic between hosts on the same network whether they are static or DHCP should not reach the Sophos when trying to get to each other. I would suggest comparing the subnet mask you are assigning to the static clients versus the subnet mask that is configured to be handed out on the Sophos DHCP scope. If they are not configured with the same subnet mask they could have issues communicating with each other. If that seems to be okay maybe you could post a picture of your DHCP server configuration? Thanks, Hugh

sachingurung · Answer

Hi, 
 Exactly as Hugh suggested, this traffic will be managed by switch as it is a local network communication. This traffic will never read Firewall hence, please check the local configurations and switch configurations. 
 Thanks

igor fedyuk · Answer

Hello, 
 
 Figured out the problem and what made it so confusing is that when this setting is in place while using UTM 9.4 everything does work fine. Also if I set the sophos-xg as my gateway ip even though it is internal shouldn't the traffic still go through the firewall to make sure the traffic is analyzed and logged? 
 The issue ended up being in my Centos 7 vm's i had the netmask as /32 while everywhere I specified as /24. The /32 was set automatically when you specify only the IP address using nmtui console utility. 
 Example 
 
 I am sorry this took so long to reply, I had jury duty and decided to take your advice and look into the network further. 
 Thank you for your help :).