Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 27 subscribers
  • Views 598 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I have followed the enclosed guide, yet I still can't ping another address?

Taz69

Hi all, 

 

I am new to Sophos XG Firewall, /i have created a VM under ESXI6.7, installed Sophos XG Firewall 17.5, it appears to be working, I can access the Internet from my Lan so thats a positive note.

 

However despite following this guide to the letter, I am unable to ping the Lan network of 10.0.1.1 let alone see my Desktop etc, my MacBook Pro gets issued with an IP 10.81.234.8 subnet 255.255.255.0

The guide https://community.sophos.com/kb/en-us/122769#Defining%20local%20subnet%20and%20remote%20SSL%20VPN%20range

The FW rule is in place, I've double checked everything as far as I can see.

Any suggestions please?

Thanks



This thread was automatically locked due to age.
  • 0

    Hi,

    you appear to have network mask issues.

    10.0.1.1 for network 10.81.234.8/24 for your MBP are not in the same network.

    Ian

  • 0

    Hello Taz69,

    Thank you for contacting the Sophos Community.

    I take the SSL VPN is connecting.

    Make sure your Firewall rule is set on the top of the XG, and also in the VPN to LAN Firewall rule, can you enable Masquerading, and see if this fixes the issue.

    Regards,

  • 0 in reply to rfcat_vk

    Hi, 

     

    The 10.0.1.0 is my local Network, the 10.81 is the default for the VPN IP. I was hoping that my MacBook would be able to see my LAN PC's/iMac etc by following that guide or at least thats what it lead me to understand.

    Thanks

  • 0 in reply to emmosophos

    Hi, 

     

    Yes the VPN is Connecting, its get issued with an address 10.81.234.7 etc

    I have just tried the MASQ and no joy

    I am able to ping the Firewall's IP but that was the case before changing MASQ etc. but that is the only IP address on the LAN I can ping.

     

    Thanks 

  • 0 in reply to Taz69

    Hello Taz69,

    Would you mind enabling Support Access in your XG, I would like to check your configuration and add a test user to see what happens with the Pings.

    Monitor & Analize >> Diagnostics >> Support Access >> ON >> Access Status >> And copy & paste the Access ID and send it to me.

    Regards,