Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 4 subscribers
  • Views 3305 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Client to use local IP in Home Office does not work properly

aceint

Hello everyone,

 

I am very concerned about an issue that I am experiencing with SSL VPN Clients.

The idea is to simulate the SG210's local (public) IP-address on a couple of home offices. They shall not have access to the internal network, though. I have managed to do that by manually creating firewall rules for that SSL profile.

Everything works fine so far after the SSL VPN Client has been installed. But in some cases it stops working after a while and the employee suddenly goes online with his own local IP-address, even though the SSL VPN Client says it's connected.

I have discovered the same issue with the other User Group Network that I have set up on the SG210. That one shall as well go online with the SG210's IP-address but also have access to the internal network. None of that works after a while, even though the SSL VPN Client claims to be connected.


Does someone of you guys have an idea of what's causing this issue and how to solve it?

 

Thank you very much in advance.

 

Best Regards,

Sebastian



This thread was automatically locked due to age.
  • 0

    Hello Sebastian,

    your description is really hard to understand what you really want to do and what your settings are.

    best is to make screenshots of your configs (ssl-vpn / firewall-rules) and some more details like network-adresses used at homeoffices...

    maybe its a config error but need more information (screenshots, IPs, Rules ....)

  • 0 in reply to zaphod

    Hello there,

     

    thank you for your response and excuse my explanation which obviously was not good enough. :-)

    So, here we go again.

     

    I created a new SSL VPN profile with no automatic firewall rules because I want users of this profile to go online via our local IP address but have no access to devices in our LAN at all.

     

    What I did afterwards is manually creating two firewall rules:

     

     

    Everything works fine on almost every computer. There is just one that keeps going online with his own local (public) IP-address instead of using ours (which should be the case since I set up firewall rule #18). I guess it is not a problem with our firewall but with the remote computer. (And yes: multiple connections are activated for SSL VPN users).

     

    Thank you very much.

  • 0 in reply to aceint

    Sebastian, please show the Edit of the SSL VPN Profile.  If there are other SSL VPN Profiles, do the same with those.  When obfuscating User/Group and Host/Network object names, please leave enough information so that we can see if anything is also used in another Profile.

    Change the Destination in rule 18 from "Any" to "Internet" and then you can delete 17.

    Cheers - Bob