VPN Passthrough

Hi all,

I am new to Sophos UTM and am really impressed with the features and the controls I have on my home network, but I am struggling with outgoing VPN from home to work.

I have two VPN servers that I need to connect to from the home UTM.

1) Shrewsoft client, which uses port 500

2) L2TP over IPSec setup on my Windows 10 machine. Port 1701

I have used the VPN protocols built in on the firewall but they don't work. When I look on the firewall I can see green packets being passed, but they never seem to connect. Am I missing something?

Is the firewall traffic just one way? Do I need something in case the VPN server needs to talk back to the machine?

I am sorry if the question sounds silly, but I am fairly new and I couldn't find anything through searching through the forums.



  • tail -f packetfilter.log | grep 192.168.1.164
    2016:09:17-16:12:24 najafi ulogd[4426]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="7" initf="eth0" outitf="eth1" srcmac="3c:a9:f4:45:24:5c" dstmac="bc:30:5b:b9:e7:36" srcip="192.168.1.164" dstip="x.x.x.x" proto="17" length="558" tos="0x00" prec="0x00" ttl="63" srcport="500" dstport="500"

    Removed the destination IP address

  • Sorry, hit enter too early. That was from the live logs. Nothing else is being blocked, but it doesn't connect.

  • Hi Kasum,

    Thanks for choosing Sophos.

    Packet filter logs show no drop in the connection and the packet is accepted. Can you post a tcpdump capture while connecting?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • 14:35:37 Packet filter rule #7 UDP 192.168.1.164:500 -> 81.171.132.219:500 len=558 ttl=63 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:40 Default DROP UDP 192.168.1.164:65204 -> 94.245.121.251:3544 len=89 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:57 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:57 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:57 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:57 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:61744 -> 66.102.1.94:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:61744 -> 66.102.1.94:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:58 Default DROP UDP 192.168.1.164:61744 -> 66.102.1.94:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:59 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:35:59 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:00 Default DROP UDP 192.168.1.164:61744 -> 66.102.1.94:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:00 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:00 Default DROP UDP 192.168.1.164:61744 -> 66.102.1.94:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:00 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:01 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:01 Default DROP UDP 192.168.1.164:59274 -> 74.125.133.120:443 len=96 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:03 Default DROP UDP 192.168.1.164:59275 -> 74.125.133.120:443 len=96 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:03 Default DROP UDP 192.168.1.164:61744 -> 66.102.1.94:443 len=96 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:10 Default DROP UDP 192.168.1.164:56899 -> 74.125.133.113:443 len=1378 ttl=127 tos=0x00 srcmac=3c:a9:f4:45:24:5c dstmac=bc:30:5b:b9:e7:36
    14:36:10 Default DROP UDP 192.168.1.164:56899 -> 74.125.133.113:443

  • Hi,

    Can you please post tcpdump output? Also, configure a new FW rule for a single system and place it on the TOP, define ANY services in the rule and try to connect to the VPN server.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Sorry, I went through my setup and I had default rules applied apart from the masquerading rule on the firewall - after doing that I am now connecting to both VPNs and my WhatsApp calls are also working.

    Thanks for the help though.
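
The manual check done in this thread (filter the packet filter log on one host and see what is accepted and what is dropped), as an added Python example that is not part of the original posts. The sample log lines are constructed in the `key="value"` layout of the line quoted above, the function names are hypothetical, and port 4500 (IPsec NAT-T) is an addition to the two ports named in the thread.

```python
import re

# Constructed sample in the key="value" layout of the packetfilter.log line quoted
# in the thread (fields trimmed). Addresses are documentation ranges; the "drop"
# lines are an assumption about how a dropped packet is logged.
SAMPLE_LOG = """\
2016:09:17-16:12:24 utm ulogd[4426]: sub="packetfilter" name="Packet accepted" action="accept" fwrule="7" srcip="192.168.1.164" dstip="203.0.113.10" proto="17" srcport="500" dstport="500"
2016:09:17-16:12:25 utm ulogd[4426]: sub="packetfilter" name="Packet dropped" action="drop" srcip="192.168.1.164" dstip="203.0.113.10" proto="17" srcport="4500" dstport="4500"
2016:09:17-16:12:26 utm ulogd[4426]: sub="packetfilter" name="Packet dropped" action="drop" srcip="192.168.1.164" dstip="198.51.100.7" proto="17" srcport="59274" dstport="443"
2016:09:17-16:12:26 utm ulogd[4426]: sub="packetfilter" name="Packet dropped" action="drop" srcip="192.168.1.164" dstip="198.51.100.7" proto="17" srcport="59274" dstport="443"
2016:09:17-16:12:27 utm ulogd[4426]: sub="packetfilter" name="Packet dropped" action="drop" srcip="192.168.1.20" dstip="198.51.100.7" proto="17" srcport="40000" dstport="443"
"""

KV = re.compile(r'(\w+)="([^"]*)"')
PROTO = {"6": "tcp", "17": "udp"}
# Ports 500 and 1701 are the ones named in the thread; 4500 (IPsec NAT-T) is added.
VPN_PORTS = {("udp", "500"): "IKE", ("udp", "4500"): "IPsec NAT-T", ("udp", "1701"): "L2TP"}

def summarize(log_text, host):
    """Count packets from `host` per (proto, dstip, dstport, action)."""
    flows = {}
    for line in log_text.splitlines():
        f = dict(KV.findall(line))
        if f.get("sub") != "packetfilter" or f.get("srcip") != host:
            continue
        key = (PROTO.get(f.get("proto"), f.get("proto")), f.get("dstip"),
               f.get("dstport"), f.get("action"))
        flows[key] = flows.get(key, 0) + 1
    return flows

def vpn_report(flows):
    """Per VPN service, how many packets were accepted and how many dropped."""
    report = {}
    for (proto, _dstip, dport, action), n in flows.items():
        label = VPN_PORTS.get((proto, dport))
        if label:
            per_action = report.setdefault(label, {})
            per_action[action] = per_action.get(action, 0) + n
    return report

def other_drops(flows):
    """Dropped flows that are not on a VPN port, most frequent first."""
    rows = [(n, k[:3]) for k, n in flows.items()
            if k[3] == "drop" and (k[0], k[2]) not in VPN_PORTS]
    return [k for n, k in sorted(rows, key=lambda r: -r[0])]

if __name__ == "__main__":
    flows = summarize(SAMPLE_LOG, "192.168.1.164")
    print(vpn_report(flows))
    print(other_drops(flows))
```

An `accept` entry for IKE only shows that a filter rule matched the outbound packet; in this thread the log showed exactly that while the connection still failed, and the poster's fix was the masquerading rule.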
