
Sophos XG 115 / SFOS 18.0.3 MR-3 / Web admin access working locally and through WAN access but not through VPN

Dear Community,

The subject itself tells the whole story in brief.

I can locally access the web admin access and also through WAN (public) without any issues.

VPN is working fine and other web server sites published in master site are accessible without a glitch.

Kindly help me to rectify this.

Sophos support advised to change the MTU on the WAN port of XG firewall to which nothing happened.

Looking Forward,

Mohamed Marzook.



Edited TAGs
[edited by: emmosophos at 6:46 PM (GMT -7) on 3 Jun 2021]
  • Hello Amarzook,

    Thank you for contacting the Sophos Community!

    Make sure that the traffic directed to the Portal is crossing the VPN through a Packet Capture on the GUI of the XG.

    Also what IP/Port is being used for the users behind the IPsec to access the User Portal? Are they trying to use the WAN IP address?

    Regards,

  • Dear,

    I have checked the packet capture and it shows the traffic from the site A and keeps dropping it with the response "invalid traffic"

    XG ip range - 172.16.xx.xx

    Site A ip range - 192.168.xx.xx

    We are using Citrix and other webapps between these sites using the same VPN and it's all working very well.

  • Hello Armarzook,

    Thank you! 

    May I have your Case ID to better understand the steps taken so far?

    I am not understanding what IP the users on the VPN are using to connect to the GUI of the XG.

    Regards,

  • tbh I think it's an issue with allowed subnets on one of the firewalls. 

    Please provide screenshots and/or excerpts of logfiles when trying to connect to the XG from site B. Provide logfiles from both, your XG and your SonicWALL. Also provide screenshots of your site2site VPN configurations of both firewalls. You're also free to open a case if needed at Sophos Support and provide the case ID in this thread.

    Thanks!
