Why does this work or not work?

Recently I posted questions similar to these, but the post just vanished. Issue at my end.

So, here goes again.

Set up 2 VLANs similar to my UTM.

1/. traffic from the VoIP phones on vlan 1.2 connect using host vlan 1.2

2/. traffic from PCs through two firewall rules using vlan 1.10 does not work when the host selected is vlan 1.10, but works when any host is selected.

3/. I have a device providing secure tunnels to work on vlan 1.10, and the host network chosen is vlan 1.10 with a match on a specific host.

  • More fiddling.

    I can get the individual matched rule to work with a vlan host network, but none of the others work with the vlan chosen as the host network.

    Secondly I cannot see any traffic from my VoIP phones in any log file. The VoIP phones have their own address range in vlan1.2

    Next experiment is to set up identities for my VoIP phones and use them rather than a group.

    // Update: failed, had to take VLAN1.2 out and put any back.

  • All of the above testing was a waste of time due to a series of bugs in the XG.

    1/. If you use the connection disconnect function, the disconnected device never reconnects, even after the device is restarted.

    2/. Changing a firewall rule does not drop or stop the connection.

    3/. Connections are maintained over an XG restart.

    4/. The only way to drop all connections and open new ones is to power the XG off and then on.

    5/. Powering a connected device off does not drop the connections.

  • If I don't get any sensible answers within 24 hrs the UTM will be back in place of the XG.

    To me the issue looks like major security holes left in the XG, but that could be just me and my incomplete understanding of network security.

  • Hi rfcat!

    What type of NIC? I have some problems with some models of Realtek chips... With an Intel NIC it is OK.

  • Hi Gabriele,

    I am using Intel NICs. I would have to open the box to provide specific details.

  • Hi,

    The XG is running on an Intel mini-ITX motherboard using Intel chipsets, SK1200xx.

  • Hi

    Can you test on a normal PC with two or more Intel NICs? I think there is a compatibility problem with the integrated NIC...

    I have got a similar problem with VLAN and Realtek NICs.

    I added a PCI (or PCI-e) Intel NIC and all is OK with VLAN and XG SFOS.

    Bye

  • I have a dual NIC card I can add. I will report back shortly.

    Currently using a UTM 9.5ga

  • I disabled the onboard NICs and used a dual i350, same issues.

    My RAP is connecting through rule 1 instead of rule 4; what is the use of having a rule that is bypassed because of a bug?

    My VoIP devices do not register.

    I disconnected the 3 devices after removing them from the network.

    There is no traffic in any log for the devices, so how are they connecting?

    I do have an older model dual NIC I can put in the XG while my wife is not using the internet.

  • Mmmm very strange... I don't know how I can help you, sorry

  • Tried a different dual NIC, but one channel failed.

    I do note that the devices keep getting different IP addresses which do not show in the connection report.

    At this stage VLANs on my XG are a total failure, so back to one LAN until v17 and try again.

    So in summary the XG is not as secure as the UTM:

    1/. no NTP proxy

    2/. no DNS proxy

    3/. VLAN connections left open after the device is disconnected.

    4/. IP addresses keep changing even when setup in the DHCP server, so it is difficult to keep track of what is actually using what rule.
