Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 6645 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Home in bridge or gateway mod?

MartinP

Hello,

I’d like to add a Sophos XG home firewall to the following configuration:

WAN -> Cable Router (Bridge Mode) -> Router -> LAN

The main router is a FritzBox running LAN, WLan, wired phones and DECT.

Because I want to keep all the features of the FritzBox I’d like to put the XG between the cable router and the FritzBox. As the cable router is in bridge mode, the FritzBox gets its WAN-IP with DHCP direct from the provider.

WAN -> Cable Router (Bridge Mode) -> XG -> Router -> LAN

 Should I configure the XG in gateway or bridge mode?

Thanks for helping me.



This thread was automatically locked due to age.
Parents
  • 0

    MartinP said:

    WAN -> Cable Router (Bridge Mode) -> XG -> Router -> LAN

     Should I configure the XG in gateway or bridge mode?

     

    Putting XG in bridge mode between the Cable Modem and your router will not work, for a couple of reasons:

    1) XG needs to talk to addresses on the internet to get updates, web filtering URL scoring, etc, etc.  So, it needs a public IP address. 

    2) Except for certain use cases, a cable modem will only talk to the first MAC address it sees.  So, it will see the XG MAC and your router will never be able to get an address.

     

    Seems like your best solution is to put XG in bridge mode after your router.  I've been running this way for a year now an it works great.

Reply
  • 0

    MartinP said:

    WAN -> Cable Router (Bridge Mode) -> XG -> Router -> LAN

     Should I configure the XG in gateway or bridge mode?

     

    Putting XG in bridge mode between the Cable Modem and your router will not work, for a couple of reasons:

    1) XG needs to talk to addresses on the internet to get updates, web filtering URL scoring, etc, etc.  So, it needs a public IP address. 

    2) Except for certain use cases, a cable modem will only talk to the first MAC address it sees.  So, it will see the XG MAC and your router will never be able to get an address.

     

    Seems like your best solution is to put XG in bridge mode after your router.  I've been running this way for a year now an it works great.

Children
No Data