Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 26 subscribers
  • Views 5186 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How can I make 27 Wireless Xirrus XR600 Arrays with 2 Gigabyte Ports work with XG 310?

B.R.O.

Can I make my Xirrus wifi work through the XG 310 firewall?  I manage wireless devices at a hospital and must have wifi working before I can deploy the XG 310.  

Each array has 2 Gigabit Ports on them.  Does anyone know of a workaround to get them to work?

 

Interface 1 = Default VLAN

Interface 3 = VLAN19 (xirrus arrays), VLAN21 (private wifi), VLAN254 (public wireless)



This thread was automatically locked due to age.
  • +1

    Bro,

    You cannot manage non Sophos AP directly from XG. You should treat the wireless as a physical connection and create the appropriate firewall rules. You can create trunk on XG physical interfaces but you cannot change the vlan 1 on XG nic but you have to add additional vlan.

    Regards

  • 0 in reply to lferrara

    Ok I got you.  So before you do anything to configuring your interfaces to should trunk the ports first like in my example I should have added a LAG interface for Port1 and Port4 i think.

  • 0 in reply to B.R.O.

    Thanks for the tip,  what I did was I temporary made port6 my lan zone with a IP so I could stay connected to the XG 310 while deleting port1 and port4 in order to create a new LACP Trunk with the Xmit hash policy set to Layer2+3.

     

    The core switch is a HP 2920-48G so I should be fine.

  • 0 in reply to lferrara

    Just in case anyone is trying to figure out how to do this.  I hope this works

     

    On Port 4 I have 3 zones

    Zone_Radios 

    Zone_Private_Wireless

    Zone_Guest_Wireless <sent this to dmz not lan>

     

    Created rules

    Port1_to_Port4  from LAN source any to <specified zones I want to traffic to flow) destination networks any

     

    Port4_to_Port1  from <specified zones I want the traffic to flow) source any to Lan zone with destination network being any

     

    the have the wireless guest to to dmz zone