cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6876
Views
0
Helpful
13
Replies

i have problem with layer 3 switch with xg sophos

Aosama
Level 1
Level 1


how to fix configure layer 3 switch vlans with xg sophos


i have configuration in layer 3 switch is created 6 vlans :

my vlans ip address is:

vlan2 : 192.168.2.254 255.255.255.0 (servers)

vlan3: 192.168.3.254 255.255.255.0 (Workstations)

vlan4: 192.168.4.254 255.255.255.0 (AP)

vlan5: 192.168.5.254 255.255.255.0 (MGMT)

vlan6: 192.168.6.254 255.255.255.0 (VOIP)

i created (ip routing ) between them and ip route is (0.0.0.0 0.0.0.0 192.168.2.1) ,

(192.168.2.1) is GW for xg firewall sophos .

i can ping between vlans with each other but can't access to internet with vlans except vlan2(192.168.2.254) is can access to internet only , i using DHCP server is (192.168.2.10)

i don't know the reason , do the reason configuration in xg firewall sophos rather configuration layer 3 switch , what i can doing.

anybody can help me

 

Thank's

3 Accepted Solutions

Accepted Solutions

This is incorrect and this route should be removed.

On your FW you need to add the routes for the networks.

For example 192.168.3.0 255.255.255.0 192.168.2.254. 

In addition, you may or may not have to perform NAT configuration.

 

Martin

View solution in original post

No, further down you can see a 'Routing' section and it is in here that this would be configured.

 

Martin

View solution in original post

Routing-->Static Routing--->Add button

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

13 Replies 13

acampbell
VIP Alumni
VIP Alumni

Hi,

On your fireall you will need to add a static route for your vlan subnets pointing at
192.168.2.254 or what ever the vlan 2 address is on your layer 3 switch

 

Regards, Alex. Please rate useful posts.

Maybe you can clearly what do you mean , 

or you mean i should doing command (ip route 192.168.2.0 255.255.255.0 192.168.2.1) 

i already did that from before , or you mean set on vlan2 itself for examble 

switch(conf t)# int vlan 2

switch(conf t)# ip route 192.168.2.0 255.255.255.0 192.168.2.1

please i need clearification .

Not only your switch. You have to add the routes on your XG firewall also for all vlans. 

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Yeah . I created sub interface for vlan 3 and network definition  but no solution . You can write how to add route vlans because maybe there missing step . Thank you

This is incorrect and this route should be removed.

On your FW you need to add the routes for the networks.

For example 192.168.3.0 255.255.255.0 192.168.2.254. 

In addition, you may or may not have to perform NAT configuration.

 

Martin

you mean add network on (source network and Devices) in firewall section  , I'm put attached picture for clarification for you 

No, further down you can see a 'Routing' section and it is in here that this would be configured.

 

Martin

Thank you  Martin Carr Also 

 

Routing-->Static Routing--->Add button

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Thank alot , My problem's is resolved .

Thank you  

and 

I am happy to know that your issue has been resolved. 

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Thank you

Your first try is OK.

The def. Gateway must be placed within the same L3-network (Subnet) as the client.

So the L3-Switch need 192.168.1.254 as gateway within "tranfer-Subnet"

Seems there is a configuration-problem at the l3-Switch.

Which device do you use? can you post the L3-Switch Configuration?

moiz