Interface Types

The following list shows which interface types can be added to Sophos UTM on AWS, and what type of hardware is needed to support them:

Group: You can organize your interfaces in groups. In appropriate configurations, you can then select a single interface group instead of multiple interfaces individually.

3G/UMTS: This is an interface based on a USB modem stick. The stick needs to be plugged in and Sophos UTM on AWS needs to be rebooted before interface creation.

DSL (PPPoA/PPTP): PPP over ATM. A DSL PPPoA device lets you attach your gateway to PPP-over-ATM compatible DSL lines. These devices use the PPTP protocol to tunnel IP packets. They require a dedicated Ethernet connection (they cannot co-exist with other interfaces on the same hardware). You must attach a DSL modem to the interfaces network segment. The network parameters for these device types can be assigned by the remote station (typically, your ISP). In addition, you need to enter username and password for your ISP account. You also need to enter the IP address of your modem. This address is usually hardwired in the modem and cannot be changed. To communicate with the modem, you have to enter a NIC IP address and netmask. The modem's IP address must be inside the network defined by these parameters. The Ping Address must be a host on the other side of the PPTP link that responds to ICMP ping requests. You can try to use the DNS server of your ISP. If this address cannot be pinged, the connection is assumed to be dead, and will be reinitiated.

DSL (PPPoE): PPP over Ethernet. A DSL PPPoE device lets you attach your gateway to PPP-over-Ethernet compatible DSL lines. These devices require a dedicated Ethernet connection (they cannot co-exist with other interfaces on the same hardware). You must attach a DSL modem to the interfaces network segment. The network parameters for these device types can be assigned by the remote station (typically, your ISP). In addition, you need to enter username and password for your ISP account.

Ethernet DHCP: This is a standard Ethernet interface with DHCP.

Ethernet: This is a normal Ethernet interface, with 10, 100, or 1000 Mbit/s bandwidth.

Ethernet Bridge: This is a Ethernet interface using a bridge to connect Ethernet networks or segments to each other.

Ethernet VLAN: VLAN (Virtual LAN) is a method to have multiple layer-2 separated network segments on a single hardware interface. Every segment is identified by a "tag", which is just an integer number. When you add a VLAN interface, you will create a "hardware" device that can be used to add additional interfaces (aliases), too. PPPoE and PPPoA devices cannot be run over VLAN virtual hardware.

Modem (PPP): This type of interface lets you connect Sophos UTM on AWS to the Internet through a PPP modem. For the configuration you need a serial interface and an external modem on Sophos UTM on AWS. And you also need the DSL access data including username and password. You will get these data from your ISP.

About Flexible Slots

Certain types of Sophos hardware appliances allow to easily change interface hardware by providing so-called slots where slot modules can be inserted and switched flexibly. If such hardware is being used, WebAdmin displays the slot information along with the hardware interfaces. This looks for example like eth1 [A6] Intel Corporation 82576 Gigabit Network Connection, where the slot information is provided in the square brackets, A6 being the 6th port in slot A. Currently, up to three slots are possible, labeled A-C with up to eight ports each. Onboard interface cards will be labeled [MGMT1] and [MGMT2].

Slot information is provided in the following places of WebAdmin:

For up-to-date information on which appliance types come with flexible slots, please refer to the Sophos UTM on AWS webpage.