Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 6 subscribers
  • Views 7797 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need advise about sophos home edition

Humbatov Ashraf

 Hi. I have some separate vlan in my environments.  How i can configure sophos home editon with this situation ? with one public and one internal interface again ?



This thread was automatically locked due to age.
Parents
  • 0

    If you only have 2 physical interfaces, then you must configure the internal interface to use VLAN's. That's how you can assign multiple networks (vlan) to a single physical interface.

    If you need more help, please be more detailed in where exactly you need help with.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0 in reply to apijnappels

    I must add additional VLAN interface on sophos ?

  • 0 in reply to Humbatov Ashraf

    Yes, can only add multiple logical subnets onto 1 physical interface by using VLAN. It has to be 802.1q VLAN, so your switch must also be configured accordingly.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0 in reply to apijnappels

    One physical interface can be of the type ethernet *and* ethernet vlan, both at the same time.   As mentioned, you'll need to have your switch set up to properly handle tagged and untagged frames.  The traffic on the interface assigned as ethernet (not vlan) gets passed to what ever _default_ vlan you have assigned on your switch.

    In the example below, eth2 is physical port 3 on my qotom box.  Actually it might be a different port, but because utm runs under exsi, I have ports mapped as eth0..3 to correspond to physical ports 1..4, in order.  As you already probably know, each subnet will need its own dhcp setting, masquerading (if you want internet access), and firewall rules set up.

     

Reply
  • 0 in reply to apijnappels

    One physical interface can be of the type ethernet *and* ethernet vlan, both at the same time.   As mentioned, you'll need to have your switch set up to properly handle tagged and untagged frames.  The traffic on the interface assigned as ethernet (not vlan) gets passed to what ever _default_ vlan you have assigned on your switch.

    In the example below, eth2 is physical port 3 on my qotom box.  Actually it might be a different port, but because utm runs under exsi, I have ports mapped as eth0..3 to correspond to physical ports 1..4, in order.  As you already probably know, each subnet will need its own dhcp setting, masquerading (if you want internet access), and firewall rules set up.

     

Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?