Благодарим ви!

Perfect video and just what I needed. I setup my Sophos, did the basic install and went to bed (it was early am anyway) Imagine my surprise to wake up and realize Sophos was blocking DHCP. The Mrs was not happy! Lol. Thanks SO Much for at least getting me off the ground with this.

Simply put, This is just Awesome! Thanks Mike!

This is a great video. Just what I needed. Thanks!

Hi, thanks for awesome explenation. Marry Christmas, God bless you!

Just what im looking for to setup with my UDMPRO. Thanks a lot!

Great video. It work and helpful to me! Thanks you

Hi Mike, this video is very helpful to me thank you!

Hi Mike, great video thanks, can you explain why the DHCP outbound rule you created isn't covered by the default network Lan to Wan Rule ?

Thanks for your video!

Thank for your video and explanations, one questions; in the last part, after creating a bridge interface from GUI, it will be VPN SSL from remote users unavailable? We're trying to insert an XG between an ISP router and ubiquiti dream machine pro. Thanks

Hi Mike - i have a Ubiquti UDR router and i want to use the sophos in bridge mode. . My UDR obtains a IP from the cable modem through its WAN port. From the UDR switch, do I connect to the sophos on the LAN or WAN bridge port ? - my thinking is to connect the rest of the LAN to the sophos lan port and from the UDR to the WAN?

Great Video Mike! One question i had is what if the ISP Router and switches are doing a ton of VLANs? Can I have the sophos still be there in the middle with bridge mode with all the VLANs? Thanks!

If you preferred to use the Sophos XG as the DHCP server instead of the ISP modem, would you have to set up a static route on either firewall?

Hi Mike, this is a brilliant video! I had been looking for such a thing for a while now. Thanks! I do have an issue, I am hoping someone can help with. I have router sitting on the WAN side of the firewall which does the DHCP and has 4 VLANs. The firewall and the router + the switch on the LAN side of the firewall are all in the default main VLAN. I am having issues adding these VLANs to the firewall, how do I "identify them" to apply rules to them? Seems cross-VLAN traffic does not work through the firewall (worked without it). Thanks!

Hi Mike, great videos! Appreciate your effort. Is there a reason, why you haven't created one rule for DHCP allow with LAN and WAN as source as well as destination (min 20ish), meaning you might not have to create two rules.

Hi Mike. Thanks for the walkthrough. My Sophos firewall was configured in bridge mode. Now my setup has changed and want to configure in gateway mode. how do i do that? The br0 interface can't be deleted

Hello, great video thank you. My configuration is slightly different. I've ISP modem>Sophos bridge>Unifi dream machine router/switch. I understand Unifi can't "disable" routing, which is why Sophos needs to be in bridge. But are all the settings and rules you've shown here the same?

Thank you for making the video. I setup my firewall and I made port 1 the wan , I have the other 3 ports under the bridge. If I put my computer under any of the 3 ports I am able to go into the web interface from any of the 3 ports. Once I put the cable from my router to the firewall on port 1 wan , I am able to get internet from other 3 ports DHCP works but ,I am not able to access the web interface from the router side or after the firewall side. I have assigned my router a static ip for the firewall wan. I see it in the router. Do I have do more create more rules for the web interface?

If I want to integrate a completely new ISP circuit and LAN into an existing XG firewall that already currently has an ISP circuit and another LAN running through it, would I just do what you did in the last part of this video and setup 2 of the XG's ports for this new network, setup the static route to the current router, In/Out DHCP and then just start defining my static hosts and building out any traffic rules? It's technically 1 company I'm planning this for but they have a sub-company with their own portion of the building and are currently on their own network and I want to bring their traffic into the XG for better security. I've done this with virtual domains on the Fortigates but never handled this with a Sophos. The other thing is that this extra company I want to add into the XG already has a firewall with rules so I would want the route through the XG to be bridged only so that's how I found this video.

Nice video - somehow, after deployment, I dont get any internent access. Do you know if the br0 is accessible from both ends? WAN or LAN?

thanks MIKE

Can I just delete the bridge again and it will turn back to the configuration before?

Hey Mike. Just installed v18 on an old PC. Seems to be working. I have it sitting behind a switch on a vlan in bridge mode. Everything works and IPs are getting assigned from my vlan controller. v18 of SFOS seems to have brought a few advanced features under the advanced settings in the bridge interface screen. Vlan filters, STP, ARP broadcast I run a Peplink router with 2 AP. I have 5 vlans. I added my vlan tags to vlan filter for the bridge. I went ahead and created an IP group of DHCP server hosts, one for each vlan and untagged LAN and created the inboud/outbound dhcp rules as you show in the vdeo. I think I have it ready to fully test between my main router and the main network switch. Hope vlan traffic will be unimpeded. May have to upgrade my Sophos XG host as it’s an older Intel Core 2 Duo with 4Gb ram. I’m considering a used Dell Optiplex i5 5060 with 8 GB of ram.

Hi Mike, we are using 2 networks created by our router, should I create the same rule for the other one?

Hi Mike, this is a very helpful video however, we're having issues with our XG230 firewall, we are using VLAN which are created on our networks and we wanted to know if we are going to configure those VLANS in Sophos as well? Because what we experience are some sites that are inaccessible.

Hi Mike , thanks for your video , really informative ,please advise how can we configure "gateway mode" similarly, when i plug in the isp cable to the wan port of mini pc for sophos, i dont seem to get an IP. Also i unable to get into the GUI of sophos , appreciate any assistance

in Bridge Mode i need one network card or 2 ?

Does XG allow you to choose the IP address 192.168.1.1 when you install it instead of 172.16.16.16?

Excellent video, I have question relating to backend / frontend concept. I have purchased two Sophos and I have an existing SonicWall, how can I configure it to work correctly. Now we have unmanaged switch all ISPs links are connected to it and DMZ is created from sonicwall and plugged into this switch. I need to make it work, I have configured bridge mode, and all internet goes off, and in core switch ip route 0.0.0.0 0.0.0.0 goes to inside interface if the sonicwall... Can you help please..?

A great video. So great I decided to try Sophos again after giving up a few yeras ago and moving to Untangle which is easy to use but not as good. I have reinstalled it 3 times (Bridge Mode) and after each install it all seems fine with changed password and reboots. I can get to the login page (User Portal after the reboot but it asks me for a user ID which at no stage did I change or use and says login failed.

how can i remove any port from bridge?

What you mentioned about the DHCP that is not correct it does not require a firewall rule to pass the DHCP traffic the machine automatically will be assigned with the IP address from the upstream router. To prove what I am saying just check the firewall rule you created to pass the DHCP traffic it will show 0 B in and 0 B out so that rule will never will come into picture.

This is some amateur shit right here.