Sophos XG After Migration to 18.0.04: DirectAccess Client can't reach VPN Branch Office / Reflexive Rule Problem?

Hi,

I had XG 17.5.14-1 up and running.

Some clients used Microsoft DirectAccess to connect from their home office to the company.

They connect to a public IP and reach the internal DA server at 192.168.0.143.
The DA server is in the head office.

Requests were forwarded from the DA server to the default gateway (XG 17.5.14-1) with internal IP 192.168.0.254.

XG 17.5.14-1 had a VPN connection to the branch office 192.168.10.0/24 (XG 18.0.4).
All was fine and DA clients could reach PCs and printers in the BO.

From the HO, all clients were able to communicate with the BO (192.168.0.0/24 <-> 192.168.10.0/24).

After I migrated from 17.5 to 18.0.4, all DA clients can only reach 192.168.0.0/24 clients.
They can't reach any 192.168.10.0/24 clients.

All HO clients can still reach BO clients.

The DA server is the only server that can't reach the BO.

Where do I need to check this? Can this be a problem with a reflexive rule?

I have one reflexive rule for the DA server:

Source: DA Server
Dest: Any
Service: Any
SNAT: Masq
DNAT: Original
PAT: Original
Inbound IF: Any
Outbound IF: Any

Thanks for your help

Jürgen

  • FormerMember

    Hi,

    Thank you for reaching out to the Community!

    I would suggest you run a packet capture to determine what is happening with the traffic when the remote user tries to access the BO network. Check whether the traffic is hitting the correct firewall rule or not.

    Thanks,

  • Thanks for your input,
    I checked with tcpdump. Traffic has been seen, but no response.

    For testing purposes I disabled the reflexive rule.
    I think this rule did a MASQ inside my network from 192.168.0.0/24 to 192.168.10.0/24.

    Thanks
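
A concrete way to run the packet capture suggested in the first reply and to confirm the "traffic seen, but no response" observation from the follow-up, as an added example that is not part of the original thread. It assumes the SFOS console's tcpdump and drop-packet-capture commands accept a standard BPF filter in quotes; the capture lines in sample_capture are constructed for the demo (not a real trace), and check_replies, sample_capture and the branch host 192.168.10.20 are names chosen here, not from the thread.

```shell
# Added example (not part of the original thread). Filter for the capture
# suggested above, plus a helper that reads tcpdump's text output and reports
# whether a host ever gets return traffic from a destination network.
#
# On the XG console (assumption: the console 'tcpdump' command takes a quoted
# BPF filter, like the advanced shell's tcpdump):
#   console> tcpdump 'host 192.168.0.143 and net 192.168.10.0/24'
# and, to see whether the firewall drops the packets instead of forwarding them:
#   console> drop-packet-capture 'host 192.168.0.143 and net 192.168.10.0/24'

# check_replies SRC_HOST DST_PREFIX   (DST_PREFIX written like "192.168.10.")
# Reads tcpdump -n text lines from stdin, prints "<outbound> <returned>" and
# exits 1 when packets leave SRC_HOST for DST_PREFIX but nothing comes back.
check_replies() {
    awk -v src="$1" -v dst="$2" '
        # Strip a trailing ":" and, for "a.b.c.d.port", the port suffix.
        function host(x,    n, a) {
            sub(/:$/, "", x)
            n = split(x, a, ".")
            if (n == 5) return a[1] "." a[2] "." a[3] "." a[4]
            return x
        }
        {
            # Locate "IP <src> > <dst>:" whatever tcpdump printed before it
            # (a timestamp, or interface and direction with -i any).
            for (i = 1; i <= NF; i++) if ($i == "IP") break
            if (i + 3 > NF || $(i + 2) != ">") next
            s = host($(i + 1)); d = host($(i + 3))
            if (s == src && index(d, dst) == 1) out++
            else if (d == src && index(s, dst) == 1) back++
        }
        END {
            printf "%d %d\n", out + 0, back + 0
            if (out > 0 && back == 0) exit 1
            exit 0
        }'
}

# Constructed capture (not a real trace): the DA server 192.168.0.143 sends two
# SYNs and a ping to 192.168.10.20 and gets nothing back, while HO client
# 192.168.0.10 gets a SYN-ACK and an echo reply from the same branch host.
sample_capture() {
    cat <<'EOF'
10:01:00.000100 IP 192.168.0.143.49212 > 192.168.10.20.445: Flags [S], seq 1, win 64240, length 0
10:01:00.000300 IP 192.168.0.143 > 192.168.10.20: ICMP echo request, id 1, seq 1, length 64
10:01:01.000100 IP 192.168.0.143.49212 > 192.168.10.20.445: Flags [S], seq 1, win 64240, length 0
10:01:02.000100 IP 192.168.0.10.51000 > 192.168.10.20.445: Flags [S], seq 7, win 64240, length 0
10:01:02.000900 IP 192.168.10.20.445 > 192.168.0.10.51000: Flags [S.], seq 9, ack 8, win 65535, length 0
10:01:03.000100 IP 192.168.0.10 > 192.168.10.20: ICMP echo request, id 2, seq 1, length 64
10:01:03.000800 IP 192.168.10.20 > 192.168.0.10: ICMP echo reply, id 2, seq 1, length 64
EOF
}

# Demo on the constructed capture: "3 0" and exit 1 for the DA server,
# "2 2" and exit 0 for the HO client.
sample_capture | check_replies 192.168.0.143 192.168.10. \
    || echo "DA server: packets go out, none return from 192.168.10.0/24"
sample_capture | check_replies 192.168.0.10 192.168.10.
```

With a real capture, pipe the console or shell tcpdump output into check_replies, once for the DA server and once for a HO workstation that still works; the pair tells you whether the tunnel itself is fine and only the DA server's flows die. Then compare the source address on the packets leaving for 192.168.10.0/24 against 192.168.0.143: if the rule with SNAT MASQ and outbound interface Any also matches traffic entering the IPsec tunnel, those packets carry the XG's own interface address instead of the DA server's, so the branch side (its tunnel subnet definition and its firewall rule for 192.168.0.0/24) never sees a matching source and sends nothing back. Running the same capture on the BO XG shows whether the packets arrive there at all, and what source address they arrive with.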
