Routing Sophos virtual appliance SSLVPN via Azure vNET Gateway

Hi

We have an Azure virtual Sophos XG x18 that we have set up for SSLVPN client connections.

This is working well and we can connect in to our Azure tenant and route to all vNETs OK.

Within the same "Hub" vNET we have an Azure vNET Gateway service that has site to site VPNs with branch offices.

What I would like to be able to achieve is for a client to VPN in to the Sophos appliance and then also connect through the vNET gateway to branch offices.

I have added routing tables, added the subnet for the SSLVPN client to the branch tunnels, updated the ACLs, etc., but the traffic doesn't appear to be able to get from the Sophos to the vNETGateway appliance.

VPN Client = 10.82.234.x

Sophos VA = 10.100.1.4

VnetGateway is in the same vNET as the appliance 10.100.0.0/16

Remote branch = 192.168.0.0/24 tunnelled via IPSEC IKEv2 tunnel to vNETGateway service

I'm wondering if I may need to NAT the VPN client traffic on the Sophos to make the VPN client appear to come from the Azure XG LAN interface 10.100.1.4/24 so that the vNet gateway recognises the traffic? Currently the vNETGateway is not going to be aware of 10.82.234.0/24, as it's not going to be a learnt subnet: it doesn't exist as a vNET within the tenant but only exists on the XG itself.

Any help on this much appreciated.

Thanks

Dan



This thread was automatically locked due to age.