Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 26 subscribers
  • Views 1482 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remote SSL VPN not connecting

mh3000

Hello everyone, 

We have recently deployed a new appliance Sophos XG 135 with its basic configuration.

Now we are trying to make SSL VPN for remote users work. 

But we are getting this error in the client side when trying to connect, even before beign prompted form credentials:

Options error: --nobind doesn't make sense unless used with --remote
Use --help for more information.

We have configured from the GUI this items so far:

A. SSL VPN groups and users: user from a OU currently imported from Active Directory groups and users

B. IP host defined for local subnet.

C. Remote SSL VPN policy: 

- Policy members: imported OU

- Permited network resources: local subnet

D. Authentication services: 

- SSL VPN Authentication Methods: Local and Active Directory Server

- Firewall Authentication Methods: Local and Active Directory Server

E. Allowed zones for SSL VPN

LAN: SSL VPN (check), User Portal (check)

WAN: SSL VPN (check), User Portal (check)

F. VPN Settings: default (Ip lease range: 10.81.234.5 - 10.81.234.55... etc)

G. Firewall Rule

Action: Acept

Rule Position: Top

Source Zones: VPN

Source Networks and Devices: any

Destination Zones: LAN

Destination networks: Local subnet

Match known users (check): Active Directory OU

*Other settings were left default

Any advise about what can I check? (logs, settings)

Thanks in advance.



This thread was automatically locked due to age.
Parents
  • 0

    Solved this by specifying the WAN IP address of the WAN interface into the foverride hostname field within the VPN settings

    For some reason, before that adjunstment, the SSL VPN client configuration file, usually stored into C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\config , didn´t specifiy any remote parameters

    After manually setting the WAN IP and installing a new SSL VPN agent, the parameter was added into the config file and I was able to stablish a connection.

Reply
  • 0

    Solved this by specifying the WAN IP address of the WAN interface into the foverride hostname field within the VPN settings

    For some reason, before that adjunstment, the SSL VPN client configuration file, usually stored into C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\config , didn´t specifiy any remote parameters

    After manually setting the WAN IP and installing a new SSL VPN agent, the parameter was added into the config file and I was able to stablish a connection.

Children
No Data