Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 10199 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bridging interfaces causing network down

John Vernam

Hi

I have deployed XG Firewall on VirtualBox with 2 NICs. I need to send VLAN 200 iptv traffic through the firewall to my ISP.

Port 1 (LAN) is configured as static and Port 2 (WAN) as pppoe. 

To connect to the Internet I need to authenticate using VLAN 100 with my ISP.

I have created zone IPTV. Later, created VLAN 100 and assign it to Port 2 and zone iptv. Afterwards, created VLAN 200 and assign it to Port 1/zone iptv and Port 2/zone iptv.

 

Now in order to allow traffic to flow between Port1.200 and Port2.200, I think I need to bridge them first like this:

But when I click the save button, I see it taking some time to save and soon my whole network will go down, not only the VirtualBox but all the hosts on my network. I think this bridge is creating a loop which in turn causes a traffic amplification which takes down the whole network.

 

How do I solve this? Please help.



This thread was automatically locked due to age.
  • 0

    John,

    did you try to remove the IP addresses on the physical ports? 2 different VLAN should have IP in different subnet. Now the 2 VLAN are in the same subnet, why?

    Also check XG from CLI to see if it still reachable, what IP it has.

    Regards

  • 0 in reply to lferrara

    Hi lferrara,

    Thanks for the reply.

    I cannot remove the IP addresses on the physical port because it gives me error "You must configure at least one IP Family" if I uncheck the IPv4 Configuration. If I check it, I need to choose either static, pppoe or DHCP and must assign an IP address for static. How do I remove it then?

    here is my interfaces:

     

    I really want to remove IP address for Port 2 zone WAN but I do not know how.

    The VLAN with same subnet is the same VLAN, VLAN 200. Which are you referring to?

    Anyway, I have changed it to a different subnet but when I try to bridge it, it gives me error and causes the whole network to go down.

    I need to reset it to factory default settings to access it again.

     

    After trying again today using only internal network (instead if bridging) on VirtualBox, the network outside VirtiualBox stays up. When I access it using CLI, I can see only one interface now. the bridge interface I just created with the IP address assigned. Is this expected? However I cannot access the Web interface using that IP address. Does this mean the firewall is blocking?

     

     

    Please help. Thanks.