Resolve Domains after connected to Firewall with SSL-VPN

Hello all,

I got the following setup:
Sophos ASG 220 UTM 9 Firewall with 3 Servers behind it.

The UTM 9 listens on the Domain sophos-firewall.com (External IP 88.66.44.1, Internal IP 10.0.2.1). 
And for example the FileServer behind the FW listens to apple-fileserver.com (External IP 88.64.44.4, Internal IP 10.0.2.4).

So when I'm connected to the Firewall with SSL-VPN (SSL-VPN IP Pool 10.242.2.0/24) I got 10.242.2.6 as the Client-IP.

Well - the Problem is that when I'm connected to the Firewall with SSL-VPN, I cannot open the WebAdmin with the sophos-firewall.com:1234 Address and have to open 10.0.2.1:1234 instead.

Also the same with SSH - When opening an SSH Connection to apple-fileserver.com:22 I get a timeout - with 10.0.2.4:22 I get a cert-error because the IP doesn't match the Domain Certificate.

Is there any workaround with Static mapping / Masquerading, that I do not have to open those Domains with the internal IP?

Thanks for help in advance.


This thread was automatically locked due to age.
  • Insert your internal DNS server(s) under "Remote Access" -> "Advanced".

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
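
A way to check the result of the suggestion above from a connected SSL-VPN client, as an added example that is not part of the original thread. It assumes the internal DNS server holds records mapping the two hostnames to the internal addresses given in the question; the function names are hypothetical.

```python
import ipaddress
import socket

# Hostnames and internal addresses as given in the question above.
EXPECTED_INTERNAL = {
    "sophos-firewall.com": "10.0.2.1",
    "apple-fileserver.com": "10.0.2.4",
}


def system_resolver(hostname):
    """Resolve through the OS resolver, i.e. whatever DNS the VPN client uses."""
    try:
        infos = socket.getaddrinfo(hostname, None, family=socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def classify(hostname, expected_ip, resolver=system_resolver):
    """Return 'internal', 'external', 'mismatch' or 'unresolved' for one name."""
    addresses = resolver(hostname)
    if not addresses:
        return "unresolved"
    if expected_ip in addresses:
        # The pushed internal DNS server answered with the internal record.
        return "internal"
    if any(not ipaddress.ip_address(a).is_private for a in addresses):
        # A public answer means the client is still asking a public DNS server.
        return "external"
    # Private address, but not the one expected: stale or wrong internal record.
    return "mismatch"


def check_split_dns(expected=EXPECTED_INTERNAL, resolver=system_resolver):
    """Classify every expected name; the resolver is injectable for offline use."""
    return {name: classify(name, ip, resolver) for name, ip in expected.items()}


if __name__ == "__main__":
    for name, status in check_split_dns().items():
        print(f"{name}: {status}")
```

Run it once before and once after reconnecting the VPN client; a name that still reports `external` is being answered by a public resolver rather than the internal DNS server.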