Configure LAN Bridging
Purpose: You may have a Sophos XGS appliance and need more than one interface to act as additional LAN ports. You can achieve this with bridges.
Assumptions
It is assumed that your Sophos XGS appliance has at least 3 interfaces, one for WAN, one for LAN, and a third one that will act as a member of the bridge. You can have as many member interfaces of the bridge as needed, but you need at least one.
Login to the Firewall¶
You will need to access the firewall either directly on the local network at https://<IP-of-Firewall>:4444 or remotely in Sophos Central.
Configure a LAN bridge¶
Navigate to "Configure > Network > Interfaces > "Add Interface" > "Add Bridge""
| Field | Value |
|---|---|
| Name | LAN Bridge |
| Hardware | br0 |
| Enable routing on this bridge pair | <Unchecked> |
| Member Interfaces | <Interfaces-of-Additional-Ports> / Zone: "LAN" |
Warning
The LAN interface itself needs to be a member of the bridge. If it is not, the Sophos Appliance will not allow you to use the same IP address as the existing LAN interface.
IPv4 Configuration¶
| Field | Value |
|---|---|
| IP Assignment | Static |
| IPv4/netmask | <IP-of-LAN-Interface> / <CIDR-of-LAN-Interface> |
| Gateway IP | <Blank> |
| Member Interfaces | <Interfaces-of-Additional-Ports> / Zone: "LAN" |