Professional Documents
Culture Documents
Hi all,
I was trying to deploy a Sophos XG 650 in bidge mode, everything goes as expected but in the WAN
Link Manager tab the Port in the WAN zone appears to be down.
I can see traffic going through but I think the WAN link has to be up and green, Am I right?
lferrara
Regards
Luk
Security Architect
https://community.sophos.com/products/xg-firewall/f/initial-setup/91861/bridge-transparent-mode-deployment-xg 1/6
1/17/2018 Bridge/Transparent mode deployment XG. - Initial Setup - XG Firewall - Sophos Community
John Henry
Previewing Staged Vindas Carballo
Changes
In reply to lferrara:
I will test in a while if I can ping google and let you know.
This is what I get from the console when ask for arp (I don't know if it's correct):
Thank you.
EDIT: I can't ping google or my gateway when I have both ethernet cables connected to the
bridge port.
In reply to lferrara:
I have Port2 and Port3 in the Bridge Port, I notice that if I connect the LAN link (Port3) only,
my gateway link works fine but if I connect both links (Port2 and Port3) the WAN link (Port2)
goes down.
https://community.sophos.com/products/xg-firewall/f/initial-setup/91861/bridge-transparent-mode-deployment-xg 2/6
1/17/2018 Bridge/Transparent mode deployment XG. - Initial Setup - XG Firewall - Sophos Community
Traffic still goes through and I can see the allowed packets.
Also, "HTTP 500 ERROR" when try to browsing internet and can't access any HTTPS site.
I have a question about the problem I'm having with the Transparent mode on the Sophos XG.
Every single time I connect the XG in the network I can't use the web browser anymore, why
does this happend if the firewall is configured in transparent mode?
Thanks
sachingurung
Hi John,
Show us the inside configuration of the gateway in the WAN link manager and Bridge port
configuration.
Thanks
https://community.sophos.com/products/xg-firewall/f/initial-setup/91861/bridge-transparent-mode-deployment-xg 3/6
1/17/2018 Bridge/Transparent mode deployment XG. - Initial Setup - XG Firewall - Sophos Community
In reply to sachingurung:
Hi sachingurung,
Thank for your reply, here you have the configuration of both ports.
WAN link:
Bridge port:
Thank you.
https://community.sophos.com/products/xg-firewall/f/initial-setup/91861/bridge-transparent-mode-deployment-xg 4/6
1/17/2018 Bridge/Transparent mode deployment XG. - Initial Setup - XG Firewall - Sophos Community
sachingurung
For the WAN link manager, edit the failover rule and ping to 8.8.8.8. Does that make the
gateway green? Alongside, uncheck the "routing on bridge interface" save the config and
verify if that resolves it.
Thank you,
In reply to sachingurung:
It does fix the certificate problem I was having but I still see the WAN link status down.
EDIT: Also, I can't ping 8.8.8.8 or my gateway (10.99.1.1) through the bridge or PortA2 (WAN
link).
Matt Yost
https://community.sophos.com/products/xg-firewall/f/initial-setup/91861/bridge-transparent-mode-deployment-xg 5/6
1/17/2018 Bridge/Transparent mode deployment XG. - Initial Setup - XG Firewall - Sophos Community
I've heard you need to setup a firewall rule to allow communication from one interface to
another. Do you have a firewall rule to allow communication between the lan and wan?
Not sure if this is taken care of when setting up a bridge, but figured it was worth a mention.
sachingurung
Hi John,
Uncheck 'unable routing on this bridge pair' option in the bridge interface definition. If that
doesn't resolve the issue then please DM me and we will investigate further.
Thanks
https://community.sophos.com/products/xg-firewall/f/initial-setup/91861/bridge-transparent-mode-deployment-xg 6/6