Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 8955 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Route specific traffic over split SSL VPN

amaurib

Hello, 

I have created a Split SSL VPN tunnel (Remote Access)  and im able to access internal resource while connected over VPN. Is it possible to route specific traffic over the tunnel ?

IE, route all traffic to 212.39.82.158 to go over the tunnel.

I remember I had something similar configured with openvpn/pfsense 

push "route 212.39.82.158 255.255.255.255";
push "route 212.39.82.158 255.255.255.255";

Is it possible to do this with sophos xg ?



This thread was automatically locked due to age.
Parents
  • +1

    Hi,

    Interesting Question.

    You should make a try by putting 212.39.82.158 in ssl vpn Permitted network resources section.

    Then create a firewall policy to allow traffic from VPN zone to that Host zone(WAN).

    once ssl configuration is downloaded and installed in client machines, it will create a route for 212.39.82.158 so that it will reach your firewall,

    Please check and reply.

  • 0 in reply to Myth-M

    Thanks for posting! 

     

    I Kept testing after creating this post and was able to make it work by doing exactly what you said.

    Resuming

    • Create a SSL VPN (Remote Access) VPN with no Default Gateway.
      •  Permitted network - LAN port and Add new item "Add IP Host"
    • Create a Firewall Rule where the source is VPN and the destination is WAN

     

    Thats all needed. Thanks again.

Reply
  • 0 in reply to Myth-M

    Thanks for posting! 

     

    I Kept testing after creating this post and was able to make it work by doing exactly what you said.

    Resuming

    • Create a SSL VPN (Remote Access) VPN with no Default Gateway.
      •  Permitted network - LAN port and Add new item "Add IP Host"
    • Create a Firewall Rule where the source is VPN and the destination is WAN

     

    Thats all needed. Thanks again.

Children
No Data