Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 948 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Reverse Proxy WebServer behind IPSec Tunnel

Ben@Network

Hello,

I have a VPN tunnel to another site, there is a web server that should be reached via a reverse proxy on the XG. The XG has an additional IP address (192.168.0.140) on the LAN interface (the LAN interface has IP 192.168.0.2). The IPSec tunnel is terminated locally on IPs 192.168.0.140 and 192.168.0.2, and on the other side the tunnel is terminated on the web server IP 192.168.253.37.

When I call the access the reverse proxy, I always get only a status code 503 in the reverse proxy log.

I had tried to nat the traffic, which did not help either: https://support.sophos.com/support/s/article/KB-000035839?language=en_US

Does anyone have a tip for me?

Thanks,

Ben



This thread was automatically locked due to age.
Parents Reply
  • +1 in reply to Ben@Network

    Hi  Packet capture on GUI for host 192.168.253.37 will give information on IPSec out (As in CLI IPsec out will not be seen & only IPsec in will be there). so on XGS5500 if IPsec out is there for 192.168.253.37 then on another end of XG you may able to see CLI packets via tcpdump with IPSec in during WAF Access time.

Children