Hi,
my setup is XG in the head office and another one in the branch office.
Head office: 10.10.0.0/16 with some subnets
Branch office: 192.168.0.0/21
IPSEC site-2-site between the two XG working fine, all hosts accessible from branch office to head office and vice versa
SSL-VPN remote access to head office working fine, all host in LAN 10.10.0.0/16 accessible
SSL-VPN remote access to branch office working fine, all host in LAN 192.168.0.0/16 accessible
BUT: Remote SSL-VPN users connected to XG in head office cannot connect to hosts in branch office
and Remote SSL-VPN users connected to XG in branch office cannot connect to hosts in head office
I added firewall rules on both XGs for the other sites SSL VPN networks and the policy tester tells me that access is allowed. It seems to be a routing isse, other members had that isse too:
https://community.sophos.com/products/xg-firewall/f/network-and-routing/101456/remote-ssl-vpn-to-ipsec-site2site-vpns
https://community.sophos.com/products/xg-firewall/f/network-and-routing/96286/sophos-xg---ssl-vpn-no-access-across-ipsec-tunnel
https://community.sophos.com/products/xg-firewall/f/network-and-routing/95675/accessing-host-in-ipsec-vpn-network-from-ssl-vpn-client
One solution seems to be to add a route manually in the console. I am not very familiar with it, so has anyone else a solution for my problem?
Thanks, Dirk
This thread was automatically locked due to age.
