I recently set up an IPSec remote access VPN, trying to use it as the backup of the SSLVPN (also remote access). However, IPSec clients connect fine but are unable to access any allowed LAN resources. SFOS 18.5.2 MR-2-Build380
My configuration is really simple:
IPSec
Authentication type: Preshared Key
Assign IP From: 192.168.18.2-192.168.18.20 (not overlapping with any existing network)
Use as default gateway: OFF
Permitted network: LAN, VLAN5
FW rule 1:
Action: Accept
Source: VPN, Source network: IPSec Clients IP Range (192.168.18.2-192.168.18.20), Dest zone: LAN, Dest networks: LAN, VLAN5, Service: Any
None for all other security features.
FW rule 2:
Action: Accept
Source: LAN, Source network: LAN, VLAN5, Dest zone: VPN, Dest networks: IPSec Clients IP Range (192.168.18.2-192.168.18.20), Service: Any
None for all other security features.
Ping is enabled in device access under VPN. Clients include iOS and macOS; the iOS profile is pushed via Meraki (as Cisco IPSec), and macOS uses the .scx with Sophos Connect Client.
Thoughts?