The above will get you started and then can be refined with reduced internet access, business rules for your servers. Accept the AP, change country to your country create your SSIDs and assign them to the AP. That will get you going with minimal issues and minimal security. IPS to LAN to WAN, MASQ and set output to WAN link name. Enable http scanning, application and web tabs to allow all. Plug the WAN port into the router, change the WAN port to DHCP.įirewall rule - source LAN -> any -> destination WAN -> any -> all - > log. Also the VLANs on XG are 元 so you will need an IP address (different range) on the physical interface. Your setup will work, but without the VLAN until you configure the XG to have a VLAN. Internal and External, Internal i know but what will be the external IP for the Firewall connected to the 4g router. If possible Can you please explain in detail including how the clients + servers will connect to the internet ? Firewall will have two IP's i.e. connected directly to the 4G internet router via ethernet cable?įirewall will act as a Wireless point for wireless clients?įirewall will act as a gateway for the Servers/Clients? is DMZ is must or we can go without it?Ī) servers(172.21.24.5-30/24 GW is 172.21.24.1)+clients (172.21.24.50-150/24 via DHCP Server GW is 172.21.24.1)->switch(single VLAN)->Internal Interface (172.21.24.1) Sophos Firewall-connected via direct Ethernet cable to the internet router->4g internet router-> Internet
![intermapper sophos xg 135 intermapper sophos xg 135](https://cdn.stratuscloud.co.za/wp-content/uploads/2020/12/sophos-xg-135-front-250x250.png)
How much data is your 4G allowance? -> Speed is 64Mbps - initially 100 GB package which is more than enough later on we can replace the 4g router with a network internet connection from an ISP - Yes the 4G connection will have static IP address, 3 public IP addresses are included with the 4G Internet Packageĭo people need to access the servers externally? If yes then you might need to consider a DMZ? Yes the Email server needs to be accessed externally from internet + there will be remote VPN users as well.
![intermapper sophos xg 135 intermapper sophos xg 135](https://www.enterpriseav.com/images/XG-Firewalls/XG-125/XG-125.png)
I have attached a network diagram which is not neat and good as i created it under 10 mins for this post only, If possible please explain in detail and step wise.
![intermapper sophos xg 135 intermapper sophos xg 135](https://www.corporatearmor.com/wp-content/uploads/2019/05/sophos-xg-125-front.png)
Now i have a couple of questions regarding the above scenario:ġ) First question about the recommended network connectivity i.e.Ī) servers+clients->switch->Sophos Firewall- connected via direct ethernet cable to the internet router->4g internet router-> Internet ORī) servers+clients->switch->4g internet router- connected via direct ethernet cable to the internet router->Sophos Firewall-> InternetĢ) There are VPN users as well who will needs to connect to the network using remote VPNģ) Also what about the wireless connection 172.21.24.50-150/24.ĭue to time shortage it is decided to go for a 4g internet connection and also to use a firewall, for which i have recommended sophos xg 135( including web/network/email security and end points security). Its my first post, I am new to networking, as my main job is as a developer my question is as below:Ĭurrently in our new office is there is No internet connection, In total we have 5 servers having IP address range of 172.21.24.0/24 including one exchange server having IP address 172.21.24.30/24, out of these 5 server one server acts as a DHCP server, All Servers have static IP addresses, while clients machine(connected to a switch) IP's are assigned by the DHCP server in the same range i.e.