VPN Loopback on WAN IP

I have set up a DMZ zone for our wifi access points to allow visitors access to the web. I would like our wireless users to be in this DMZ zone by default and then to VPN in to the XG for LAN zone access. 

I would like to have a single VPN connection set up on these wireless devices that they can use when physically present on wifi (DMZ) or on the road. I have the VPN (L2TP) working for remote use, but I cannot connect the VPN from the DMZ. I am using the WAN IP address to establish the VPN connection. Is it possible to set up a loopback/NAT rule to allow VPN connections to be made to this IP from the DMZ zone?

Thanks in advance for any information.



This thread was automatically locked due to age.
  • Simon,

    What is the reason to use a VPN from DMZ to LAN? Maybe you need it for transport encryption...

    Otherwise you can allow access to internal resources by allowing DMZ users using a policy rule.

    Can you share your policy rule configuration? I mean policy rules used to allow VPN access.

    Thanks

  • I would like to avoid having a wireless network with direct access to our LAN. I plan to reuse our existing wireless infrastructure by putting it in a separate zone and tunneling into the LAN for the users who need access to LAN resources. I would like to simplify things user-side by using the same tunnel on itinerant devices whether they are connecting from our wireless zone or a coffee shop in another country. 

    Is it possible to have the Sophos VPN server respond to internal zones?

    Thanks in advance!