
Cannot ping remote devices when connected to VPN via Sophos Connect

Hi. 

Looking for some help around Sophos XG SSL VPN (Remote Access) and Sophos Connect. 

I have set this up per the Sophos instructions to connect to our office network and I can connect as expected, but when connected I cannot ping any devices on the office network. 

The firewall rule I have configured is as follows: 

Source Zone = VPN

Source Networks = Remote SSL VPN Subnet (set as per video on 10.8.234.0) 

Destination Zone = Office LAN 

Destination Subnet = Office Subnet (192.168.11.0/24) 

Match Known Users > User Group - SSL VPN Users 

I do have a number of Site-to-Site VPNs configured, so I am wondering if the rule placement in the list is at fault or maybe I am missing something from the rule itself. 


Also, I have set up a Provisioning File for Sophos Connect but I have the same issue, in that it connects as required but again I cannot ping anything on the office network. 


Any thoughts would be appreciated

Many thanks, Dan 



This thread was automatically locked due to age.
  • OK - So I now have some results. 

    I can see the following: 

    In Interface - TUN0

    OutInterface - Port3.11 

    Ethernet Type - IPv4 

    Source IP - 10.81.234.7 (my remote laptop)

    Destination IP - 192.168.11.210

    Packet Type - ICMP

    Status - Violation 

    Reason - Firewall 

    Any thoughts? 

    Thanks, Dan 

  • FormerMember in reply to Daniel Hargrove

    Hi ,

    Thank you for the update. Is ping allowed on the VPN zone? Go to Administration > Device Access to verify. 

    If it's already allowed, then the configured firewall rule has something wrong. If you could share the support access ID from your firewall by sending me a personal message, I can double-check the configuration and update you with the next step. 

    Thanks,

  • FormerMember in reply to FormerMember

    Hi ,

    Thank you for providing the support access; I've replied to your personal message. 

    It seems ping wasn't allowed on the VPN zone on your firewall. Please go to Administration > Device Access and allow ping on the VPN zone and let me know if that resolves your issue. 

    Thanks,

  • FormerMember in reply to FormerMember

    Hi ,

    I noticed the SSL VPN network definition isn't correct in the VPN to LAN firewall rule. Please correct it as per the network configured under SSL VPN settings > IPv4 lease network and let me know if that resolves your issue. 

    Thanks,
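
The check behind the last reply, as an added example that is not part of the original thread or any Sophos tooling: it compares the dropped packet from the capture against the rule criteria and reports which one fails. The /24 prefix lengths on the VPN networks, the interface-to-zone mapping and the helper names are assumptions; user/group matching is not modelled.

```python
import ipaddress
from dataclasses import dataclass

# Constructed from the values posted in the thread (field spelling normalised).
CAPTURE = """
In Interface - TUN0
Out Interface - Port3.11
Source IP - 10.81.234.7 (my remote laptop)
Destination IP - 192.168.11.210
Packet Type - ICMP
"""

# Assumption: how the firewall maps these interfaces to zones.
ZONE_OF = {"tun0": "VPN", "port3.11": "Office LAN"}

@dataclass
class Rule:
    src_zone: str
    src_net: str
    dst_zone: str
    dst_net: str

def parse_capture(text):
    """Turn 'Field - value' lines into a dict, dropping '(...)' remarks."""
    pkt = {}
    for line in text.strip().splitlines():
        key, sep, value = line.partition(" - ")
        if sep:
            pkt[key.strip().lower()] = value.split("(")[0].strip()
    return pkt

def mismatches(rule, pkt):
    """Return the rule criteria this packet fails; an empty list means it matches."""
    failed = []
    if ZONE_OF.get(pkt["in interface"].lower()) != rule.src_zone:
        failed.append("source zone")
    if ipaddress.ip_address(pkt["source ip"]) not in ipaddress.ip_network(rule.src_net):
        failed.append("source network")
    if ZONE_OF.get(pkt["out interface"].lower()) != rule.dst_zone:
        failed.append("destination zone")
    if ipaddress.ip_address(pkt["destination ip"]) not in ipaddress.ip_network(rule.dst_net):
        failed.append("destination network")
    return failed

# /24 masks on the VPN networks are assumptions; the thread gives no prefix length.
as_posted = Rule("VPN", "10.8.234.0/24", "Office LAN", "192.168.11.0/24")
corrected = Rule("VPN", "10.81.234.0/24", "Office LAN", "192.168.11.0/24")

if __name__ == "__main__":
    pkt = parse_capture(CAPTURE)
    print("as posted:", mismatches(as_posted, pkt))
    print("corrected:", mismatches(corrected, pkt))
```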