Hello!
I'm having a problem that's a bit similar to some posts I've read, but I think my issue is unique enough to start a separate thread.
I am using Sophos XG to serve as my primary firewall/gateway/DHCP server for my home network.
Sophos XG is running on a dual NIC box; Port 1 is connected to my cable modem, and Port 2 on the Sophos unit is connected to Port 8 of a Netgear GS108Ev1 managed switch.
A Ubiquiti Unifi AP is connected to Port 5 on that same Netgear switch.
Using Sophos UTM (which allows one to configure a VLAN with ID of 1), I had that as my main "internal" VLAN, and VLAN 2 was created for the guest Wi-Fi network. On the Netgear, Port 5 and Port 8 were set up as tagged or trunked ports for both VLANs; all other ports (which are in use) were left as untagged. With Sophos UTM, this worked. With Sophos XG, it does not appear to - in fact, as soon as I activate this VLAN configuration, no traffic seems to get processed by the Sophos box.
I set up a VLAN interface 2.1 on the XG box to be the Guest VLAN (2), set up a guest zone and gave it full access to the WAN under firewall rules, and set up a DHCP server within Sophos to assign DHCP. The main LAN (Port 2, no VLAN assignment) is set up to use 10.0.0.1/24, and VLAN 2 was set up to use 10.0.2.1/24.
On the Netgear switch, using 802.1Q VLAN, I have Ports 5 and 8 set to be tagged for VLAN 2, and all ports untagged for VLAN 1. (This Netgear switch requires a VLAN ID 1.)
Using this setup, when attempting to connect to the guest WLAN behind VLAN 2, clients cannot obtain an IP address.
Any thoughts or suggestions for how to make this work would be greatly appreciated; I've spent countless hours trying to get this to work!!