
Sophos SSL VPN connection but cannot reach computers connected in LAN Interface

I am a beginner in Sophos Firewall.

I am using Sophos XG 106.

I followed all the video tutorials I could find regarding setting up the Remote SSL VPN connection, and yet I could not connect to the computer attached to my Sophos device.

I reached out to some people I know; all they could advise is to look into the Firewall Rules. Upon reading other articles, it was mentioned to add a MASQ setting... so I started looking for this in my Sophos settings, and I found it to be under NAT RULE:



  • Hi,

    Check with the route print command in cmd on the remote user's computer whether it has a route to 172.16.16.0 255.255.255.0 through the tunnel interface. Also test with tracert on the remote computer to see how the packets go. You should not need NAT for connecting to LAN computers through SSL VPN. If the LAN computers are Windows devices, they are likely to have Windows firewall enabled, which will block ping and other requests from the VPN subnet 10.81.234.0/24.

    Of course you also need firewall rules on the XG enabled to allow access. You can easily find out with the live log viewer if anything is blocked from the VPN subnet to the LAN subnet.

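The checks suggested in the reply above, written as a PowerShell sketch. This is an added example and not part of the original thread; the two subnets are the ones quoted in the reply, while `$LanHost`, the function names and the rule display name are constructed placeholders.

```powershell
# Added example. $LanSubnet and $VpnSubnet come from the reply above;
# $LanHost is a constructed placeholder for a computer behind the XG.
$LanSubnet = '172.16.16.0/24'
$VpnSubnet = '10.81.234.0/24'
$LanHost   = '172.16.16.10'   # placeholder, replace with a real LAN host

function Test-VpnRoute {
    # Run on the remote user's computer while the SSL VPN is connected.
    # Equivalent of reading "route print" for the LAN network.
    $route = Get-NetRoute -DestinationPrefix $LanSubnet -ErrorAction SilentlyContinue |
             Sort-Object RouteMetric | Select-Object -First 1
    if (-not $route) {
        Write-Warning "No route to $LanSubnet; the LAN network is not reachable through the tunnel."
        return
    }
    "Route to $LanSubnet via $($route.NextHop) on interface '$($route.InterfaceAlias)'"

    # Equivalent of tracert: which hops the packets actually take.
    $trace = Test-NetConnection -ComputerName $LanHost -TraceRoute -WarningAction SilentlyContinue
    "Hops: $($trace.TraceRoute -join ' -> ')"
    "Ping succeeded: $($trace.PingSucceeded)"
}

function Get-LanFirewallState {
    # Run on the Windows LAN computer: which firewall profiles are on,
    # and which rules already name the VPN subnet as a remote address.
    Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction
    # Windows may store the subnet with a dotted mask, so match on the network part.
    Get-NetFirewallAddressFilter |
        Where-Object { $_.RemoteAddress -like '10.81.234.0/*' } |
        Get-NetFirewallRule |
        Select-Object DisplayName, Direction, Action, Enabled
}

function Add-VpnPingRule {
    # Run elevated on the LAN computer. Allows echo requests from the VPN
    # subnet only, instead of switching Windows firewall off.
    New-NetFirewallRule -DisplayName 'Allow ICMPv4 echo from SSL VPN subnet' `
        -Direction Inbound -Protocol ICMPv4 -IcmpType 8 `
        -RemoteAddress $VpnSubnet -Action Allow
}
```

`Test-VpnRoute` belongs on the VPN client and the other two functions on the LAN computer; the XG firewall rule between the VPN and LAN zones still has to be checked in the live log viewer as the reply describes.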