Deploy Sophos Firewall in gateway mode
When you deploy Sophos Firewall in gateway mode, Sophos Firewall acts as a gateway for your network.
When you configure Sophos Firewall as a layer 3 bridge (in gateway mode), you can use all of its security features and also use it to route traffic.
In this example, you have a network with a firewall serving as a gateway. You'll replace the existing firewall with Sophos Firewall without changing the existing network LAN schema.
The following network diagram shows a network where Sophos Firewall is deployed in gateway mode.
The IP addresses shown in the diagram are examples. Your network may be different.
Gateway mode deployment
Sophos Firewall is shipped with the following default configuration:
- Port A IP address (LAN zone): 172.16.16.16/255.255.255.0.
- Port B IP address (WAN zone): DHCP IP assignment.
Connect port A of Sophos Firewall to an endpoint computer's Ethernet interface and set the endpoint computer's IP address to
172.16.16.2/24. Browse to
https://172.16.16.16:4444 to access the graphical user interface (GUI) and follow the steps in the assistant.
Configure Sophos Firewall in gateway mode
Select Click to begin.
Set a new password for the admin account.
If required, click Manual configuration.
Choose a name for the firewall and set the time zone.
Register your firewall.
Sign in or create a Sophos Central account.
If you selected a 30-day trial, select a licensing option and click Claim firewall.
The serial number is assigned to your Sophos Firewall.
Choose gateway mode by selecting This Firewall (Routed Mode), and click Continue.
Click Enable TAP/Discover Mode if required and select one or more ports for passive network monitoring.
Select network protection options as required and click Continue.
Set an email recipient for notifications and backups and click Continue.
Review the configuration summary, and click Finish.
Sophos Firewall applies the configuration changes and reboots.