IPSec remote access(Full tunnel) can't access internal LAN and Internet

Question

Hi All, 
 
 I have configured IPSec remote access VPN (full tunnel). Sophos connect client can connect to the tunnel but i'm unable to access the LAN and internet. 
 This is the configuration of the IPSec remote access. 
 
 This is the Firewall rule of VPN to LAN/WAN 
 
 This the firewall rule from LAN/WAN to VPN

This the Sophos client connection status. 
 
 Also, when i checked the log viewer i can't see any traffic coming from or going to the VPN. 
 I'm not really sure what steps did i missed.

FormerMember · Accepted Answer

Hi Preety Gupta , 
 Thank you for reaching out to Sophos Community. 
 Could you please remove LAN zone from destination zones in 'VPN_IPSecVPN' firewall rule? 
 You can also disable/delete 'VPN_IPSecWANLAN' firewall rule. 
 I'd suggest adding individual firewall rules for LAN to VPN and VPN to LAN communication. 
 
 Ensure that Sophos Connect IP range network(10.81.234.x) is different from SSL VPN IP range network. 
 After connecting the Sophos Connect client, do you see the default route on the end machine? 
 You can check the route table using below command., 
 C:\Windows\system32> route print

IPSec remote access(Full tunnel) can't access internal LAN and Internet

Top Replies