Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 3462 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to connect to a IPSEC VPN over PPTP?

CertifiedMdiver
hello

i've succesfully established an ipsec vpn between 2 astaro firewalls (A+B).

i can connect to Firewall/LAN A with PPTP and see all computers.
i can connect to Firewall/LAN B with PPTP and see all computers.
if i stay in LAN A (really local, not over PPTP), i can see all computers of LAN A and LAN B

What i want:

connect to Firewall A over PPTP and see all computers of LAN A and LAN B


this doesn't work, i don't know why!
maybe the problem is, that when i connect over PPTP, my computer has no
standard gateway - show's me 0.0.0.0   ???
if this is the problem where should i define the "standard gateway" for pptp users and what is the correct gateway address - internal, external ???

or is there a specific rule that i have to define?


thanks for help


This thread was automatically locked due to age.
Parents
  • 0
    Have you tried assigning IP addresses by DHCP server instead of 'IP address pool'?
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    no, i didn't try, there is another DHCP Server in the LAN - or should i define  the DHCP server for the external card ?
  • 0 in reply to CertifiedMdiver
    No, just point the SSL VPN at your existing DHCP server.  That way, you have an IP that's a part of the existing Internal (Network) so you get the routes created by the Site-to-Site VPN and don't need to add a route for the VPN Pool.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to CertifiedMdiver
    No, just point the SSL VPN at your existing DHCP server.  That way, you have an IP that's a part of the existing Internal (Network) so you get the routes created by the Site-to-Site VPN and don't need to add a route for the VPN Pool.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
Cookie Information Banner