Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 25417 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN User Portal from remote

Paul Digby

I have setup SSL VPN from the guide. I have a Draytek router in front of the Sophos XG and all traffic forwards to the SXG.

However, unable to get to the User Portal from external. I have changed port number and I tried VPN, Show VPN Settings and used override Hostname with FQDN, but still cannot connect to User Portal.

Update - I have found another post (https://community.sophos.com/products/xg-firewall/f/vpn/79840/user-portal---remote-access) with similar scenario, where the WAN option for User Portal was not ticked. However, that has made no difference - still no connection to Portal from external

From same threed above, it is Gateway mode 



This thread was automatically locked due to age.
Parents
  • 0

    Paul,

    if you have a public IP on your router, you do not need other rules. Make sure user portal is enabled on wan zone (Administration > device access).

    If you do not have a public ip (only dynamic) configure your XG to use dynamic DNS under Network > dynamic dns.

    Connect a computer on your WAN side and check if you can reach user portal using https://wanip

    Regards

  • 0 in reply to lferrara

    I have a static IP address on my Draytek router for the Internet connection.

    User Portal is enabled on WAN (it was not by default). I don't have any rules for the User Portal, only a rule for SSL VPN.

    So, try and connect without the port number for user portal?

  • 0 in reply to Paul Digby

    User portal port by default is 443. Check it under Administration > Admin settings

  • 0 in reply to lferrara

    I changed port to another number as https is being used for getting to internal web server for Email etc

    I have also enabled https admin on WAN and going to see if I can get to that. Also enabled User Portal on VPN

    Will check tomorrow. I'll also disable the https / 443 for testing just to see if I can access user portal.

  • 0 in reply to Paul Digby
    So, today I tested! I disabled any 443 forwarding and changed UP port to 443. I first tested admin to SXG and it connected, took about 90 seconds though. I then tried UP and it took 2-3 minutes then I saw the portal. However, the speed was totally unacceptable and then the network froze. I also changed port for UP and again it was successful, but incredibly slow. So, I need to test again after I have a stable internet.
Reply
  • 0 in reply to Paul Digby
    So, today I tested! I disabled any 443 forwarding and changed UP port to 443. I first tested admin to SXG and it connected, took about 90 seconds though. I then tried UP and it took 2-3 minutes then I saw the portal. However, the speed was totally unacceptable and then the network froze. I also changed port for UP and again it was successful, but incredibly slow. So, I need to test again after I have a stable internet.
Children