L2TP over IPsec and restricting to certain IPs

I am setting up a L2TP over IPsec VPN for remote access into my network. I've noticed that it just works without configuring any firewall rules, which is great. But I would prefer if I were able to restrict this to certain IPs, IP ranges or subnets. Is this possible on Sophos UTM? I noticed that port UDP/500 VPN (IKE) is detected by Shodan against my server. I'd prefer if it were not open to the world to detect. Is it possible to restrict this? How does it work with the firewall?

I can see things in the IPSec log which I suppose suggests to me that it's handling the firewall itself, e.g. below.

2019:11:23-00:11:11 sophos pluto[12285]: | route_and_eroute: firewall_notified: true
2019:11:23-00:11:11 sophos pluto[12285]: | route_and_eroute: instance "L_REF_IpsL2tForVpn_0"[1] x.x.x.x:4500, setting eroute_owner...

I've not set up a VPN inbound before so a bit to learn I suppose :)
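As a defender-side complement to the question above, here is an added example, not from this thread and not Sophos code, that parses the pluto `route_and_eroute: instance` lines quoted in the post and flags tunnel peers that fall outside an operator-maintained allow-list. Since the IKE listener itself stays reachable in a road-warrior setup, this kind of log check is a way to notice peers you did not expect. The sample log, the peer addresses (RFC 5737 documentation ranges) and the allow-list are constructed for the example; `parse_peers` and `unexpected_peers` are hypothetical names.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample in the pluto log format quoted in the question above.
# The peer addresses are documentation ranges (RFC 5737), not real clients.
SAMPLE_LOG = """\
2019:11:23-00:11:11 sophos pluto[12285]: | route_and_eroute: firewall_notified: true
2019:11:23-00:11:11 sophos pluto[12285]: | route_and_eroute: instance "L_REF_IpsL2tForVpn_0"[1] 203.0.113.10:4500, setting eroute_owner...
2019:11:23-00:12:40 sophos pluto[12285]: | route_and_eroute: instance "L_REF_IpsL2tForVpn_0"[2] 198.51.100.77:4500, setting eroute_owner...
"""

# Matches the "instance ... <peer>:<port>" line pluto writes when a road-warrior
# negotiation reaches the routing stage. IPv4 peers only, as on this thread.
INSTANCE_RE = re.compile(
    r'^(?P<ts>\S+) \S+ pluto\[\d+\]: \| route_and_eroute: instance '
    r'"(?P<conn>[^"]+)"\[(?P<inst>\d+)\] '
    r'(?P<peer>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)'
)


def parse_peers(log_text):
    """Return one dict per negotiated instance: timestamp, connection name,
    instance number, peer IP and peer port (4500 means NAT-T, 500 plain IKE)."""
    peers = []
    for line in log_text.splitlines():
        m = INSTANCE_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["inst"] = int(rec["inst"])
            rec["port"] = int(rec["port"])
            peers.append(rec)
    return peers


def unexpected_peers(log_text, allowed_networks):
    """Peer IPs that negotiated a tunnel but fall outside the allow-list.

    allowed_networks is an assumed operator-maintained list of CIDR strings,
    e.g. the office and home ranges remote users are expected to come from."""
    allowed = [ip_network(n) for n in allowed_networks]
    flagged = []
    for rec in parse_peers(log_text):
        addr = ip_address(rec["peer"])
        if not any(addr in net for net in allowed) and rec["peer"] not in flagged:
            flagged.append(rec["peer"])
    return flagged


if __name__ == "__main__":
    for rec in parse_peers(SAMPLE_LOG):
        print(f'{rec["ts"]} {rec["conn"]}[{rec["inst"]}] peer={rec["peer"]} port={rec["port"]}')
    print("outside allow-list:", unexpected_peers(SAMPLE_LOG, ["203.0.113.0/24"]))
```

Run against the real IPsec log with your own allow-list; anything returned by `unexpected_peers` is a peer that completed an IKE exchange from a source you did not anticipate and is worth a look, even though the credentials or certificate held up.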



This thread was automatically locked due to age.
  • Hello,

    if you need to restrict to "certain IPs" why not use a site-to-site tunnel?

    A roadwarrior setup is open to any IP per se, as this is the normal use case. The security in this scenario is gained from strong passphrases/keys and/or certificates, not from hiding IP ports.

    With kind regards, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.
