Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 1655 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Remote not adding all routes

Dave Uzeel

Hi all,

I have multiple s2s connections that all work fine.

I've setup a SSL VPN server for remote access and configured firewall incl nat rule so clients can tunnel through all sites.

I also have a s2s to azure but the tunnel doesnt seem to work from remote clients.

the network is in permitted network resources (restarted the vpn service) but the route is not added.

I also read something about /16 networks that can cause conflicts so i already changed it to /24.

When i manually add the route (windows client) i can reach the network in azure.

I've restarted the VPN services and downloaded the configuration file afterwards but the remote network of azure is not pulled.

Logging of the client:

2021-08-27 14:17:38 TEST ROUTES: 11/11 succeeded len=11 ret=1 a=0 u/d=up
2021-08-27 14:17:38 MANAGEMENT: >STATE:1630066658,ADD_ROUTES,,,,,,
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD wanip MASK 255.255.255.255 gw
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan1 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan2 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan3 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan4 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan5 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan6 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan7 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan8 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD lan9 MASK 255.255.255.0 vpn
2021-08-27 14:17:38 Route addition via service succeeded
2021-08-27 14:17:38 C:\Windows\system32\route.exe ADD wanip MASK 255.255.255.255 gw
2021-08-27 14:17:38 ROUTE: route addition failed using service: object already exists. [status=5010 if_index=12]
2021-08-27 14:17:38 Route addition via service failed

It looks like the last route that needs to be added fails.

Do i need to reboot the firewall for this?

subnets are all different from eachother so no collisions there.

Does anyone have a idea to push me in the right direction?

Thanks in advance!



This thread was automatically locked due to age.