Sophos Firewall Interface Mapping on vSphere
When you deploy a Sophos firewall on VMware vSphere, you start with 3 network interfaces PortA for LAN, PortB for WAN, and PortC is unassigned.
In VMware vCenter, PortA is Network adapter 1, PortB is Network adapter 2, and PortC is Network adapter 3.
However, when you add more network adapters in VMware vSphere, the mappings between SFOS (Sophos Firewall Operating System) and VMware vSphere no longer align.
In this post, I will show you, step by step, how to add more network interfaces to SFOS (Sophos Firewall Operating System) running on VMware vSphere and how to map the interfaces between SFOS and VMware vCenter.
The Process
Adding Interfaces
- In vCenter, shut down the SFOS VM.
- Once the SFOS VM has shut down, click on Edit Settings.
- To add additional network adapters, click Add New Device, then click Network Adapter.
VMware vCenter VMs can have up to 10 network adapters.
In my example, I will add 7 more network adapters, bringing the total to 10.
When adding network adapters, it defaults to the E1000 adapter type, which you can use, but it’s recommended to use the VMXNET 3 adapter type.
- On each new network adapter, change the Adapter Type from E1000 to VMXNET 3.
- Power on the SFOS VM.
Mapping Interfaces
Once the SFOS VM has booted after adding the additional network adapters, the interface mapping between vCenter and SFOS won’t match, except that the SFOS network interface PortA always maps to network adapter 1 in vCenter.
Since PortA in SFOS is always vCenter network adapter 1, we will update its name in SFOS to reflect this mapping in vCenter.
- Login to the SFOS.
- Click on Configure > Network.
