Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1071 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos VPN Client using web proxy

Kraga

Hi, i need some help. I have XG210.

i have configured sophos vpn client and web proxy. When clients connect to a VPN and web proxy is enabled, all internet traffic goes through the wan port on sophos xg.
I want clients to use their internet and only to check the content through a web proxy on sophos xg.



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out to the Community! 

    Can you explain a bit more about "I want clients to use their internet and only to check the content through a web proxy on Sophos XG."? 

    What type of VPN client are you using, and is it SSL or IPsec remote-access VPN? Is it a full or split tunnel? 

    Thanks,

  • 0 in reply to FormerMember

    I m using IPsec remote-access VPN and in configuration for Sophos Connect only my local LAN is allowed. 

    When is web proxy disabled for VPN users, everything is ok, they use ipsec for access to our LAN, for Internet they use local gateway.

    I have firewall rule VPN-LAN, LAN-VPN. VPN-WAN

    I dont want them to use internet on Sophos XG.

  • FormerMember
    0 FormerMember in reply to Kraga

    Hi ,

    What is the current firmware version on your firewall? Would it be possible for you to share the screenshot of the IPsec(remote access) > Advanced settings? You probably have a full tunnel configuration, meaning all traffic will be directed through the VPN connection.

    Thanks, 

  • 0 in reply to FormerMember

    Hi Harsh,

    My curent firmware is 18.0.4 MR-4.

    Lokalna mreza is our LAN.

  • 0 in reply to FormerMember

    Hi Harsh,

    Did you find out what is the problem with my configuration.

    I just want to use web proxy policy for VPN users over ipsec remote access but I want users to use their local internet and gateway.

  • FormerMember
    0 FormerMember in reply to Kraga

    Hi ,

    If you want to use web proxy on the firewall over remote access VPN, you would have to use the Tunnel All(Full Tunnel) gateway type. In Tunnel All, the remote traffic will use a firewall as a gateway and not the local ISP. What you're trying to do isn't possible. 

    Thanks,

  • 0 in reply to FormerMember

    It is a pity that sophos does not support this option because this way the internet link will be loaded too much by VPN users.