Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 26 subscribers
  • Views 1684 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exchange Server DNAT not available when connected to VPN

Pascal Groos

Hi,

We are facing some serious issues with 2 of our Exchange Servers which are behind an Sophos XG 210 FW18-379

We had 2 DNAT rules which allow HTTP and HTTPS to these servers these work fine from WAN side but a soon as we connect through VPN (IPSEC or SSL-VPN) these servers are not available

So instead of these DNAT rules we tried WAF rules to these 2 Exchange 2019 servers which bring a whole lot of different problems (disconnecting Outlook clients) but at least they are available through VPN.

i disabled one of the WAF rules and created a DNAT Rule through the new DNAT Wizard to one of these Exchange servers (port 80 and 443) which creates all the necessary rules (i believe?), after that i'm still not able to connect to the Exchange servers as soon as i make a VPN connection

Am i missing something?, it seems to me it would be rather simple to achieve this...



This thread was automatically locked due to age.
Parents
  • +1

    Hi  

    When you try to access the exchange through VPN using DNAT, what IPs are being used for exchange? Is it public IPs? Could you please add those public IPs in the "Permitted Network" of SSL VPN and check, Please also add VPN to WAN firewall rule to test and share the result.

Reply
  • +1

    Hi  

    When you try to access the exchange through VPN using DNAT, what IPs are being used for exchange? Is it public IPs? Could you please add those public IPs in the "Permitted Network" of SSL VPN and check, Please also add VPN to WAN firewall rule to test and share the result.

Children