I am trying to set up my network with a new installation of Sophos UTM, ASG Home User licence - v9.3
I have a server Gigabyte GA-J1900N-D3V with two NIC Realtek (RTL8111F) modules:
eth0, VLAN 10, 10.10.10.1/24 (used for WLAN)
eth0, VLAN 100, 10.10.100.1/24 (used for wired clients, containing NAS)
eth1 Connected to the Internet
A HP Switch terminates the 802.1q trunk from eth0. I have located a client in each segment (VLAN 10/100), configured NAT masqueradings, DHCP service for both VLANs.
Basically connectivity to the Internet works fine, UTM is serving IPs with DHCP as expected.
But the problem is, that inter-VLAN routing between VLAN 10 and vlan 100 is active. Basically this should not be allowed, and I would like to turn it off.
Connectivity tests between the vlans was done with ICMP/HTTP.
I have tried to insert a Firewall rule which blocks any traffic between VLANs, but it did not work.
Is this a limitation caused by the NIC Realtek (RTL8111F) or are firewall rules possible between Internet and LAN only?
Is there any possibility to stop inter-VLAN routing between VLANs?
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
