
SSL VPN and external to internal route

We have set up and are successfully using SSL VPN with clients. The issue I am having relates to a 3rd party service we are using. The service uses a site to site VPN connection from within our network to theirs. Per their instructions, on my main router, I have a route statement to point their public address block to the private internal address of the VPN device in our network. This works fine within the network, however, it does not work remotely via VPN. I have tried to modify my policy to use the VPN as the default gateway, but it still does not work. I'm not sure the traffic gets to my main router as it is all served from the Sophos box. Do I need to add a route statement on the Sophos box so the VPN traffic knows to use the internal address? Any help is appreciated.



This thread was automatically locked due to age.
  • FormerMember

    Hi  

    Thank you for reaching out to the Community!

    Is there a site to site IPsec VPN configured from XG to the third-party network? Are you trying to route SSL VPN traffic through the site to site VPN?

    Could you provide a network diagram or configuration detail of your site to site VPN?

    I would advise you to check the following KB Articles and let us know if it applies to your scenario. 

    Thanks,

  • There is not a site to site from our network to the 3rd party device. They have The only way traffic gets there is via the route statement in my router which basically says anything going to [3rd party Public IP Range] go to [Internal Private IP address]. I requested the IP range of the XG VPN address to be in the allowed range on their device and they indicated that was changed. I suspect though, that my client SSL VPN traffic is hitting the Sophos XG and not directed to the router, it just tries to go out to the internet which does not work.

  • Hello 

    Can you share a screenshot of the route statement for "my router which basically says anything going to [3rd party Public IP Range] go to [Internal Private IP address]"?

    Is that route added in the XG firewall as a static route? Is it an interface route or a gateway route?

    If you suspect that the client SSL VPN traffic is hitting the Sophos XG and not directed to the router, then probably there are no routes configured on XG for [3rd party Public IP Range] to be forwarded to your internal private IP address/router.

    A network diagram would be helpful to understand your network. 

    Hardik R 
    If a post solves your question use the 'Verify Answer' link.
