Hi - Trying to setup my Yayzi FTTP connection to work through my Sophos UTM VM running on Hyper-V. First post for me so please go easy.
I’ve seen the post on “Using my own router” which hints it can be done but for the life of me I can’t work it out so looking for any help or pointers in the right direction to help me work out what I am doing wrong / sanity check my setup, especially if someone has managed to set this up via Sophos UTM themselves.
Setup is as follows:
Sophos UTM 9.5 VM on Hyper-V on physical PC with 3 Network Cards.
Network card 1 is connected to unmanaged physical switch to see the rest of my internal network / domain.
Network card 2 is connected to Plusnet PPPoE modem which connects to BT phone line (which currently gives me internet but I want to terminate and use Yayzi)
Network card 3 is connected directly to ONT (bypassing EX820v router but router is connected to unmanaged physical switch from LAN port 1) - Is this correct or should it be RJ45 from ONT to WAN port on EX820v router then RJ45 from LAN port on EX820v router to network card 3?
Virtual Switch Manager in Hyper-V has 3 External Switches created:
Switch 1 called vExternal is connected to Network card 1 and allows OS to share NIC - is not set to any VLAN
Switch 2 called WAN is connected to Network card 2, does not allow Management OS to share NIC and is not set to any VLAN
Switch 3 called YAYZI WAN is connected to Network card 3 and allows OS to share NIC and is set to VLAN 911 - apparently if I don’t allow OS to share, I can’t set VLAN either.
UTM VM has three ethernet connections (eth0, eth1 and eth2)
eth0 is called Internal, connected to Ethernet
eth1 is called Plusnet WAN and is connected to PPPoE and is set as default GW
eth2 is called Yayzi WAN and is connected to Ethernet VLAN and tagged with VLAN 911, has my static 31.x.x.x IP address set and a /32 subnet mask. It is currently NOT set as default GW
All three interfaces report as Up / Up but I’m just not getting any traffic through the eth2 interface. All internet traffic is still going via Plusnet (eth1). If I down interface eth1 still no traffic goes through eth2.
If more information is needed then let me know. Any guidance massively appreciated. Many thanks. Chris
Now, unfortunately, I don’t have any experience with the Sophos UTM Software, however the cabling should be as such
Network card three on network card two, Which ever one you want to use should go straight into the ONT, You can totally eliminate the TP link router entirely
Just make sure your settings are set to DHCP and VLAN911 and it should pick up an IP address after about 20 minutes
Hi L0rdVerga and thanks for replying so quickly.
Thanks for confirming I can connect direct from network card 3 to ONT and bypass the router entirely. I can now see that eth2 (Yayzi WAN) has picked up a 31.x.y.z address from yayzi.co.uk so I’ll continue testing and report back.
Many thanks L0rdVerga but sadly that doesn’t do what I need. Whilst it is good to know that the router can be bypassed entirely, plugging the ONT cable directly into the network card in the PC itself only allows that PC to access the internet and none of the other PCs in the house so back to the drawing board. Guest Wifi also doesn’t seem to work since I guess it has no way of routing out? It’s a long shot but reaching out to see if someone in the community has successfully configured this via Sophos UTM rather than OpnSense / PFSense.
In my gut, I think this is a VLAN related issue so I’m going to purchase a more modern network card (currently running on Quad Port Intel Pro 1000/PT) and see if I have any more luck with that. That may take a few days before I get round to testing again.
I think the VLAN config etc. is all good as cbhatt is getting an IP assigned by Yayzi which would not be the case if the VLAN setting was incorrect. It seems more of a routing issue.
Hmm, I think for Interface Type though, you still need Ethernet and not Ethernet VLAN - this should be a physical NIC with the cable going from that to the ONT.
Just going off that last set of screenshots, looked like it had a static 31xxx address set and not a DHCP and zero packets being received - which would be out of date now anyway I guess
So, yeah, select standard Ethernet for the Yayzi connection and Dynamic IP. On the VM, that’s where you need to assign the VLAN tag - obvs 911 in this case
Something like that should hopefully work. I think you will need to disable the PPOE connection though, unless you’ve set Uplink Balancing or doing other complicated stuff!
Initial result is it works Changing to Ethernet and Dynamic IP and GW (and turning off Default GW for the Plusnet) finally has some data coming down the pipe. Not the quickest but it’s a start.
I’ll try and figure out the lack of speed issue and do some more thorough testing and report back with the config I used in case anyone finds this thread in the future.
Many thanks for the help and pointers as I’d have kept going down various rabbit holes forever otherwise.
The lack of speed is affecting everyone I’m afraid - my last download check was 2.7mb!! So, don’t be concerned by that being something your end as it’s not.
Changing to Ethernet and Dynamic IP and GW (and turning off Default GW for the Plusnet) finally has some data coming down the pipe. Not the quickest but it’s a start.