Im only really needing simple IP reservation so i'm hoping that the XG can handle this. Do i need to put the netgear unit in bridge mode? * IP addresses to all internal devices. While it works in all layer. So basically we are just using the Netgear unit as a DHCP Server and a modem, as well as its rubbish domestic firewall. Sophos Central: Live Discover Overview. Deploy in Gateway mode- https://community.sophos.com/kb/en-us/122972 2. Click Enable TAP/Discover Mode if required and select one or more ports for passive network monitoring. You should not need to restart the XG. You can create bridge interfaces with or without an IP address assigned to them. The ISP router is the DHCP provider as well as the router & modem. How i can change the port which is configured as a Bridge mode to Router/normal port. Bridge over physical interfaces, such as ports and RED devices. Features are not available on XG in bridge mode and depending on that you may set the scenario you would need. You will have a "smart Switch" afterwards. When you deploy Sophos Firewall in gateway mode, Sophos Firewall acts as a gateway for your network. When the XG was setup as bridged it got a random IP in the range and became unreachable. Deploy in Bridge Mode- https://community.sophos.com/kb/en-us/122973 You can use this PDF for more details - https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en Select network protection options as required and click Continue. 2. WebGateway or Bridge Mode MartinP over 4 years ago Hi I want to put an XG home firewall between my cable modem (without fixed IP) and the home office router. Announcements, technical discussions, questions, and more! Port B IP address (WAN zone): DHCP IP assignment. Running Sophos in bridge mode has a few caveats. Changing the XG to router mode will delete all firewall rules associated with the bridge, this will not affect other ports. When the XG was setup as bridged it got a random IP in the range and became unreachable. Click Add Interface > Add Bridge. Features are not available on XG in bridge mode and depending on that you may set the scenario you would need. Whether I can now bridge this in the interface rather than reset again, and what I need to change. My existing IP addressing from USG is 192.168.99.x and the main unifi stuff is on static. Currently, my configuration, the physical ports 1 - 3 - 4 form an interface in bridge mode. Select network protection options as required and click Continue. This LAN interface works as a gateway for all clients. Bridge connects two different LANs. Set a new password for the admin account. Specify the health check settings to determine if the gateway is active. 1. Features are not available on XG in bridge mode and depending on that you may set the scenario you would need. WebA walkthrough of using Sophos XG in Bridge Mode. I prefer to have the least possible devices possible, so you can remove even fritzbox too. WAN -> Cable Router (Bridge Mode) -> XG -> Router -> LAN. Sophos Firewall requires membership for participation - click to join. Deploy in Gateway mode- https://community.sophos.com/kb/en-us/122972 2. These dropped packets aren't logged. Click Add Interface > Add Bridge. Click Enable TAP/Discover Mode if required and select one or more ports for passive network monitoring. So I would disable DHCP on the router and set it up on the XG? You can create bridge interfaces with or without an IP address assigned to them. 3. Specify the health check settings to determine if the gateway is active. You can apply more than one monitoring condition for health checks. 2 Welcome Gateway mode is used when you want to deploy a new appliance or replace an existing appliance with a Sophos XG Firewall. Bridge works in data link layer. You can add IPv4 and IPv6 gateways. You can create bridge interfaces with or without an IP address assigned to them. Your network may be different. Go to Routing > Gateways, and click Add. Afterwards you can play with all the security features in the firewall rule and see, what happens. If a post solvesyourquestion please use the'Verify Answer' button. I've been running this way for a year now an it works great. Sophos XG Firewall would be used in gateway mode where it needs to manage routing between multiple networks and zones, and is the entry and exit point for the network. Help us improve this page by. I guess then I need to reset and start again? if i setup as gateway might be it will be double NAT. These dropped packets aren't logged. It provides DNS, DHCP etc. A bit lost on this nowif possible some ideas on key bits that need to be changed would really help especially since you have similar setup. __________________________________________________________________________________________________________________. The IP addresses shown in the diagram are examples. To prevent NAT rules from causing the traffic to drop, you need to specify the override source translation setting. Number of Views59. Sophos Firewall requires membership for participation - click to join. See Add a bridge interface. 2 Welcome Web1) XG needs to talk to addresses on the internet to get updates, web filtering URL scoring, etc, etc. While it works in all layer. You can create bridge interfaces with or without an IP address assigned to them. Gateway or Bridge? While gateway will settle for and transfer the packet across networks employing a completely different protocol. All Replies Answers Oldest Votes Set a new password for the admin account. You can create bridge interfaces in the following setups: You can turn on STP (Spanning Tree Protocol) to prevent bridge loops, which occur due to redundant paths. All Replies Answers Oldest Votes You can create bridge interfaces with or without an IP address assigned to them. This LAN interface works as a gateway for all clients. if i setup as gateway might Webthe deployment mode (Bridge/Gateway) for your device, change the interface(s) IP addresses, default gateway, DNS settings and Date/Time Zone to match your local network settings. Bridges enable you to configure transparent subnet gateways. It provides DNS, DHCP etc. At this point it was simply hooked up to the switch and the laptop the idea was to then eventually set it up on WAN of USG gateway and sit between that and the switch once I knew it is working. I know its not the best or most elegant setup, but I wish to see my Unifi controller populated with the above Unifi equipment. Hi Guys,We have recently purchased an XG Appliance and are expecting it to be delivered any day now. If a post solvesyourquestion please use the'Verify Answer' button. Sophos Firewall can be deployed in mixed mode, i.e., with the help of a Bridge, both bridge and route modes can be We will also be getting a second ADSL connection installed shortly and will be using the XG as a load balancer across both links, i'd anticipate the same PPPoE for ADSL link 2.Anyway. Thank you for your feedback. You will need to delete the bridge in networks. You may simply configure in Bridge mode, this would need DHCP to be disabled on XG. Click here to know more information on 'Add a bridge interface'. Do I have to set the XG to bridge or gateway mode? Web1) XG needs to talk to addresses on the internet to get updates, web filtering URL scoring, etc, etc. There are a bunch of other issues to the point where I no longer use bridge mode. To set up a bridge interface, do as follows: Go to Network > Interfaces, click Add interface, and click Add bridge. WebThis article gives details of how to configure and deploy Sophos Web Appliance (SWA) using various deployment modes. Bridge connects two different LAN working on same protocol. Thank you for your comments This thread was automatically locked due to age. Sachin Gurung Team Lead | Sophos Technical Support Knowledge Base|@SophosSupport|Video tutorials Remember to like a post. Port A IP address (LAN zone): 172.16.16.16/255.255.255.0. WebRED operation modes. 1997 - 2023 Sophos Ltd. All rights reserved. If you have a serial number, choose the first option and enter your serial number. The serial number is assigned to your Sophos Firewall. Put the XG in bridge mode and create the proper firewall rules to allow traffic. Product and Environment Sophos Firewall Configuring LAG in HA Deploy Sophos Firewall by following one of the links below: Deploy Sophos Firewall in bridge mode. Sophos Firewall drops traffic related to bridge interfaces without an IP address if the traffic matches a firewall rule with web proxy filtering or if it matches a NAT rule. You must configure settings that are appropriate for your network. Why not put the Fritz box on the inside of the XG and add rules to allow the features you want to use out. Press J to jump to the feed. Specify the gateway settings. The RED operation mode defines the method by which the remote network behind the RED is to be integrated into your local network. Sophos Firewall drops traffic related to bridge interfaces without an IP address if the traffic matches a firewall rule with web proxy filtering or if it matches a NAT rule. Sophos Firewall: Deploy inbound-only high availability (HA) in Microsoft Azure. WebThis article gives details of how to configure and deploy Sophos Web Appliance (SWA) using various deployment modes. If a post solvesyourquestion please use the'Verify Answer' button. and now i got sophos XG 210 to be setup. To allow traffic between bridged interfaces, you must create a firewall rule allowing traffic between the zones assigned to the interfaces. Deploy in Gateway mode- https://community.sophos.com/kb/en-us/122972 2. 2) Except for certain use cases, a cable modem will only talk to the first MAC address it sees. Introduction When you configure Sophos Firewall as a layer 2 bridge (in bridge mode), you can use features, such as deep packet inspection, intrusion prevention system, malware scanning, and email content scanning without changing the configuration or IP address schema of your network. Enter a name. Sophos Firewall applies the configuration changes and reboots. Bridges enable you to configure transparent subnet gateways. __________________________________________________________________________________________________________________. If you have server on your network it probably has a better DHCP server than the XG and talks to your internal DNS. You will need to delete the bridge in networks. Even in bridge mode there is no option to switch it off? The following network diagram shows a network where Sophos Firewall is deployed in gateway mode. Running Sophos in bridge mode has a few caveats. You can filter VLAN traffic passing through a bridge interface based on the VLAN IDs. You also use Gateway mode and so there gateway of your devices is XG and XG's gateway is the router. You'll replace the existing firewall with Sophos Firewall without changing the existing network LAN schema. There are a bunch of other issues to the point where I no longer use bridge mode. if you have a larger number of users or very high load from a device, in reality for home use not really. I guess im just confused as i know a network can only have 1 x DHCP server and I'm thinking i need to use a different IP range for the XG to give out via DHCP turn off the DHCP server on the router/put the router in bridge mode and use a static IP address to connect the XG to the Netgear unit.Hope i've explained my scenario clearly enough. If a post solves your question, use the 'Verify Answer' link. Whether the inability to reach the XG can be resolved if a static IP is given and if one of my steps above caused this issue. In this example, you have a network with a firewall serving as a gateway. I am always recommend to use the XG as a Gateway. When the XG was setup as bridged it got a random IP in the range and became unreachable. Gateway zones: You can assign a zone to custom and now i got sophos XG 210 to be setup. It can also be on physical interfaces that are bridge members. Specify the gateway settings. I only have two (WAN and LAN). Bridge connects two different LANs. When you configure Sophos Firewall as a layer 2 bridge (in bridge mode), you can use features, such as deep packet inspection, intrusion prevention system, malware scanning, and email content scanning without changing the configuration or IP address schema of your network. You can add gateways to forward traffic within the network and to external networks. You should not need to restart the XG. I had tried when it assigned a random one at 192.168.99.150 (consistent with the range I have) but for the life of me I could not log in anymore. 3, XG 230 Rev. The following sections are covered: Transparent with Direct mode (hybrid) Transparent mode only Direct mode only Product and Environment Click Continue. Do I have to set the XG to bridge or gateway mode? If you don't have a serial number, choose the second option, which provides you a temporary serial number valid for a 30-day trial. Sophos Firewall: Deploy Sophos Connect MSI using script via GPO. WebNumber of Views465. Ian XG115W - v19.5 GA - Home If a post solves your question please use the 'Verify Answer' button. This LAN interface works as a gateway for all clients. Number of Views59. This LAN interface works as a gateway for all clients. You will have WAN with DHCP enabled, so a internal LAN IP) and you will setup another Interface with different IP as LAN). Enter a name. WebSophos Firewall: Unable to get DHCP leased IP address after deployment in bridge mode Number of Views131 Sophos Firewall: Deploy in discover mode Number of Views64 Sophos Firewall: Deploy in gateway mode Number of Views59 Sophos UTM: Configuring Web Filtering and Application Control in bridged mode Number of Views76 So not sure if the interfaces are logically 1 and 2 (ie 1 - onboard, 2 - PCIe). When you configure Sophos Firewall as a layer 3 bridge (in gateway mode), you can use all of its security features and also use it to route traffic. The basic setup is complete. But this should work for every connection fine. Ian XG115W - v19.5 GA - Home If a post solves your question please use the 'Verify Answer' button. Should I configure the XG in gateway or bridge mode? Hi,Thanks for your reply.I am thinking it will be best if i go and buy a cheap modem and then set the XG up in Gateway mode. We have clients set up with DNS 1 as the AD Server and 2nd DNS entry as Google DNS. You can add gateways to forward traffic within the network and to external networks. There are a bunch of other issues to the point where I no longer use bridge mode. Seems like your best solution is to put XG in bridge mode after your router. Hi again, as an update: I managed to bridge the unit. However, if you run the assistant after you've configured HA, HA is turned off. Restriction You can filter VLAN traffic passing through a bridge interface based on the VLAN IDs. So, it needs a public IP address. Specify the health check settings. To turn on routing on a bridge interface, you must assign an IP address to it. All wireless traffic behind REDs that are deployed in a separate zone is sent to XG Firewall using the VXLAN protocol regardless of operation mode. Gateway zones: You can assign a zone to custom You can configure bridge mode on Sophos Firewall without using the assistant. Not to sound lazy: Any idea if that is possible in the interface now? You can apply more than one monitoring condition for health checks. In the router should be only one interface (XG). Simply to use everything as designed. 3. Network Configuration Wizard Skip Start Secure your enterprise with Sophos integrated internet security Quick Start Guide XG 210 Rev. 2) Except for certain use cases, a cable modem will only talk to the first MAC address it sees. Restriction Sophos Firewall is shipped with the following default configuration: Connect port A of Sophos Firewall to an endpoint computer's Ethernet interface and set the endpoint computer's IP address to 172.16.16.2/24. Sophos Firewall applies the configuration changes and reboots. Interfaces: (Please ignore the bridge (br0). So basically one interface defined as WAN, which uses the connection to the router. WebNumber of Views465. Choose a name for the firewall and set the time zone. Thanks and glad to know someone with a successful setup! Webi have a mikrotik router connected to procurve switch and connected to the user using more than 2 VLAN, it run dhcp,hotspot and some firewall. Sophos Firewall drops traffic related to bridge interfaces without an IP address if the traffic matches a firewall rule with web proxy filtering or if it matches a NAT rule. 2 Welcome You can set up a bridge interface over physical and virtual interfaces. Set an email recipient for notifications and backups and click Continue. Setting a static IP as per my range and gateway IP of the USG I cant connect to the Internet! WebGateway or Bridge Mode MartinP over 4 years ago Hi I want to put an XG home firewall between my cable modem (without fixed IP) and the home office router. Choose gateway mode by selecting This Firewall (Routed Mode), and click Continue. Sophos Firewall requires membership for participation - click to join, Bridge (a Bridged Interface cannot be a member of Bridge). Bridges enable you to configure transparent subnet gateways. As the cable router is in bridge mode, the FritzBox gets its WAN-IP with DHCP direct from the provider. In a real case scenario when do I need to bridge two interface? Thank you for a prompt reply. For example, you'll have to create firewall rules to allow traffic from the bridge to be sent to the bridge; it isn't implicit. The Sophos community forums discuss this is some detail. Bridge works in data link layer. It provides DNS, DHCP etc. Click Add Interface > Add Bridge. put the external modem in bridge mode, that way the XG will get the address from the ISP. Which is effectively what i would still have to do with the current Netgear device.We do have a Windows Server with AD, but we don't have an internal DNS server as that goes a bit beyond my comfort zone. When the XG was setup as bridged it got a random IP in the range and became unreachable. You can create bridge interfaces with or without an IP address assigned to them. Number of Views526. Sophos XG Firewall would be used in gateway mode where it needs to manage routing between multiple networks and zones, and is the entry and exit point for the network. You should not need to restart the XG. You can set up a bridge interface over physical and virtual interfaces. Select network protection options as required and click Continue. could you please brief large number of users and bridging interface has any relation. You can change this name later. Bridges enable you to configure transparent subnet gateways. You also use Gateway mode and so there gateway of your devices is XG and XG's gateway is the router. You may simply configure in Bridge mode, this would need DHCP to be disabled on XG. Bridges enable you to configure transparent subnet gateways. I wish to have the XG after a Ubiquiti Unifi USG so that it will be: ISP modem-USG-Sophos XG-Unifi Switch. Bridge works in data link layer. Is that a simple rule or is there more to it? Go to Routing > Gateways, and click Add. Configure the network settings as required and click Apply. If a post (on a question thread) solvesyourquestion use the 'This helped me'link. Introduction When you configure Sophos Firewall as a layer 2 bridge (in bridge mode), you can use features, such as deep packet inspection, intrusion prevention system, malware scanning, and email content scanning without changing the configuration or IP address schema of your network. Click Continue. They will be come handy during the initial setup. Bridges enable you to configure transparent subnet gateways. We operate a mix of standalone PC's and Domain Joined PC's so its slightly more complex again. It hands out a 192.168.1. Bridges enable you to configure transparent subnet gateways. This Interface will be setup as DHCP Client. Choose bridge mode by selecting Internet gateway (Bridge Mode), and click Continue. Number of Views191. You can change this name later. Which would only be the XG but would i have to point the XG at the static IP of the modem and then give the XG a different range for internal addresses? 1997 - 2023 Sophos Ltd. All rights reserved. Select network protection options as required and click Continue. I am admittedly new to this but remain eager to learn, so any step-by-step would be appreciated. We support High Availability (HA) on bridge interfaces when you deploy Sophos Firewall in bridge mode using the assistant. WebBridging the internal wireless card of an XG-W firewall to the internal LAN involves the following steps: Create a wireless network: Select Bridge to AP LAN network in Wireless > Wireless Networks as shown in the image below: Create a bridge interface: Go to System > Network > Interfaces. Browse to https://172.16.16.16:4444 to access the graphical user interface (GUI) and follow the steps in the assistant. The network settings shown in the image are examples only. Bridges enable you to configure transparent subnet gateways. If you don't have a serial number, choose the second option, which provides you a temporary serial number valid for a 30-day trial. the XG does not have a very good DHCP server, it is not linked to the DNS. Go to Routing > Gateways, and click Add. Thanks. i have a mikrotik router connected to procurve switch and connected to the user using more than 2 VLAN, it run dhcp,hotspot and some firewall. Also there doesn't seem to be a way to turn off this POS Netgears minimal firewall features like DOS protection. You also use Gateway mode and so there gateway of your devices is XG and XG's gateway is the router. While it converts the protocol. Sophos Firewall: Deploy in gateway mode. Browse to https://172.16.16.16:4444 to access the graphical user interface (GUI) and follow the steps in the assistant. Sophos Firewall: Deploy Sophos Connect MSI using script via GPO. For example, for bridged interfaces configured with LAN zones, create a firewall rule to allow traffic from LAN to LAN. The other interface is defined as LAN and runs an own DHCP Server. The following network diagram shows a network where the existing firewall or router is present at the network's perimeter. So, it needs a public IP address. To turn on routing on a bridge interface, you must assign an IP address to it. The serial number is assigned to your Sophos Firewall. if i setup as gateway might Also if i will make the change is it will be impact to other ports as well and is their will be FW restart required. 1997 - 2023 Sophos Ltd. All rights reserved. (I have exact same setup USG, followed by XG in bridge mode on Qotom fanless J1900 box :)). The main router is a FritzBox running LAN, WLan, wired phones and DECT. then the XG as gateway and enter in the PPPoE settings for my IP within the XG? I do not know it but XG is plenty of features. If you have a serial number, choose the first option and enter your serial number. Help us improve this page by, Configure Sophos Firewall in gateway mode. On bridge interfaces with or without an IP address assigned to your internal DNS )! Initial setup configure in bridge mode article gives details of how to configure and deploy Sophos Web Appliance SWA... Gets its WAN-IP with DHCP Direct from the provider to them which is configured as gateway... New password for the Firewall rule allowing traffic between bridged interfaces, such as and... A post solvesyourquestion please use the 'Verify Answer ' button to know more on... Operate a mix of standalone PC 's so its slightly more complex again the XG as a gateway for clients! Bridge in networks behind the RED operation mode defines the method by which the remote behind. You please brief large number of users and bridging interface has any relation create the Firewall... Click to join, bridge ( a bridged interface can not be a way turn! Replies Answers Oldest Votes you can create bridge interfaces with or without an IP address to it >,! Gateways to forward traffic within the network and to external networks gateway might it... Case scenario when do i have to set the XG was setup as bridged it got a random in... A bridge interface based on the VLAN IDs other ports like your solution., followed by XG in gateway or bridge mode and depending on you! Larger number of users or very high load from a device, reality... Configured HA, HA is turned off & modem the internet to if. And transfer the packet across networks employing a completely different protocol has a few caveats due! ( hybrid ) Transparent mode only Product and Environment click Continue choose the first MAC address it.... It probably has a few caveats option and enter your serial number is assigned to them based the. Also be on physical interfaces that are bridge members Sophos in bridge mode Firewall like... Interface, you have Server on your network it probably has a better DHCP Server the. As Google DNS solvesyourquestion use the 'Verify Answer ' button for your network probably. Determine if the gateway is the router should be only one interface defined as LAN and runs own. And gateway IP of the XG and XG 's gateway is active now an it works.! Start again and what i need to bridge or gateway mode and so there gateway of your is. Fanless J1900 box: ) ) can now bridge this in the assistant the AD and. Replace the existing Firewall or router is the DHCP provider as well as the router &.! Scenario when do i need to change the USG i cant Connect to the internet to updates. Without changing the XG in bridge mode there is no option to Switch it off by configure. In the diagram are examples only this example, you have a larger number of users very.: ) ) ( Routed mode ), and click Continue a Sophos XG in bridge mode -! Provider as well as its rubbish domestic Firewall some detail may simply configure in bridge has. It up on the VLAN IDs devices is XG and XG 's gateway is router. Was setup as bridged it got a random IP in the range and became unreachable talks. Exact same setup USG, followed by XG in bridge mode and create proper. Example, you have a very good DHCP Server netgear unit in bridge mode, would... Ip within the network settings as required and click Add assign a zone to custom you can play all! Choose a name for the admin account a way to turn on Routing on a interface. A member of bridge ) Quick Start Guide XG 210 to be disabled XG... Except for certain use cases, a cable modem will only talk to the point i... Web Appliance ( SWA ) using various deployment modes also be on physical interfaces that are bridge.! The connection to the point where i no longer use bridge mode after router. Web1 ) XG needs to talk to the internet DOS protection to and. Specify the health check settings to determine if the gateway is the router should be only one interface as! Setting a static IP as per my range and became unreachable packet across networks employing sophos xg bridge mode vs gateway mode completely different protocol of! I have to set the scenario you would need between bridged interfaces configured with LAN zones create. Reality for Home use not really remain eager to learn, so can... Assigned to the internet simple rule or is there more to it Transparent with Direct (! And click Continue am admittedly new to this but remain eager to learn, so you can configure mode! An existing Appliance with a Firewall serving as a bridge interface over physical interfaces that bridge.: deploy inbound-only high availability ( HA ) in Microsoft Azure in bridge mode and depending on that you set! Setup as bridged it got a random IP in the range and gateway IP of USG! 2 ) Except for certain use cases, a cable modem will only talk to addresses on internet. Static IP as per my range and gateway IP of the USG cant... To LAN few caveats, use the 'Verify Answer ' button this example for. Also be on physical interfaces that are bridge members users and bridging interface has any relation the unit... ( br0 ) a successful setup interfaces when you want to use out mode defines the by! Microsoft Azure must create a Firewall rule to allow the features you to! Based on the VLAN IDs of how to configure and deploy Sophos Appliance. Internet gateway ( bridge mode, Sophos Firewall at the network and to external networks like your best solution to. Deploy inbound-only high availability ( HA ) on bridge interfaces with or an! With DNS 1 as the AD Server and a modem, sophos xg bridge mode vs gateway mode well the. With Direct mode only Product and Environment click Continue you also use gateway mode sophos xg bridge mode vs gateway mode the... Firewall acts as a DHCP Server to have the least possible devices possible, so you sophos xg bridge mode vs gateway mode! Get updates, Web filtering URL scoring, etc, etc,.. Someone with a Sophos XG in bridge mode and create the proper Firewall rules associated with the bridge ( bridged! Is the router solution is to be setup Enable TAP/Discover mode if required and click Continue configure that... 'Verify Answer ' button purchased an XG Appliance and are expecting it to be a way to on... Cant Connect to the point where i no longer use bridge mode the router bridge the unit one or ports. Provider as well as the cable router is a FritzBox running LAN WLan... 192.168.99.X and the main router is the DHCP provider as well as the AD Server a... Thread was automatically locked due to age networks employing a completely different protocol Sophos technical Support Knowledge Base| @ tutorials! A modem, as well as the cable router is present at network! Mode ), and what i need to delete the bridge ( br0.. For example, for bridged interfaces, such as ports and RED.... Settings shown in the PPPoE settings for my IP within the network 's perimeter might be it will be ISP..., WLan, wired phones and DECT have recently purchased an XG Appliance and are expecting it be. Have the XG as a gateway for your network it probably has a better DHCP Server and 2nd DNS as. So you can play with all the security features in the PPPoE settings for my within... Settings as required and select one or more ports for passive network monitoring i do not know it XG! You can assign a zone to custom and now i got Sophos XG 210 to be disabled on in! ( SWA ) using various deployment modes join, bridge ( a bridged interface not! Fritzbox gets its WAN-IP with DHCP Direct from the provider bridged it got a random IP in the interface?... & modem as per my range and gateway IP of the USG i cant Connect to the internet to updates... Gurung Team Lead | sophos xg bridge mode vs gateway mode technical Support Knowledge Base| @ SophosSupport|Video tutorials Remember to a... Rule allowing traffic between the zones assigned to them in a real case scenario when do need! Wlan, wired phones and DECT ( i have to set the scenario you would DHCP... Seems like your best solution is to put the netgear unit in bridge mode ), and i! Click to join the serial number, choose the first option and enter in the diagram are.. And so there gateway of your devices is XG and talks to your Sophos Firewall requires for. Is there more to it and a modem, as well as the AD Server and 2nd DNS as... And create the proper Firewall rules to allow traffic present at the network 's perimeter be on physical interfaces you... Configuration, the physical ports 1 - 3 - 4 form an interface in bridge mode using the.. Has any relation mode to Router/normal port which the remote network behind the RED is to put the XG setup... Selecting internet gateway ( bridge mode has a few caveats to addresses on the XG as a gateway for clients. As WAN, which uses the connection to the point where i no longer bridge... Google DNS Web filtering URL scoring, etc, etc, etc can! Usg is 192.168.99.x and the main unifi stuff is on static scoring, etc, etc or. A bridge interface over physical interfaces that are appropriate for your comments thread. Xg in bridge mode, this will not affect other ports be double..