LOCAL_ACL Violation IPSEC VPN

Hi,

I set up an IPsec VPN but I am getting Local_ACL violations...

I want to access it from my LAN PC 172.16.16.19 

The firewall's WAN IP is 192.168.178.50

Traffic is allowed; I only added 1 firewall rule. I pass everything to everything...

I checkmarked everything I could in my Application Permissions (LAN and WAN).

Interfaces and Zones:

And I still can't get it to connect...

What am I missing?

How can I debug Local_ACL Violations?

Thanks in advance...



This thread was automatically locked due to age.
  • Hello,

    I don't get what you are trying to test: you come from "inside" and want to test reaching your WAN interface with an IPsec client?

    You can’t test a client VPN from inside.

    Kind regards, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Hello,

    The IPsec VPN is listening on port 500 on 192.168.178.50?

    Shouldn't it be possible to talk to that socket from anywhere I want? I tried "nmap -p 500 192.168.178.50" as well and it gets filtered.

    But I am a beginner in IPsec, Network Layers etc.

    I will test it from a PC in WAN

  • SFOS only offers the IPsec daemon on the interface you selected. Other interfaces will be blocked.