I'm running Sophos UTM, the latest production version (currently v9.006-5).
I would like to use the same VPN pool network for both L2TP/IPsec VPN and SSL VPN (and other VPNs too), but I'm getting the following error message:
VPN IP assignment pools overlap.
These are my settings / requirements:
- public (non-RFC1918) IP address range for the VPN pool
- no NAT-ing for the VPN clients
I have everything working with one VPN type (L2TP/IPsec), but I cannot add another VPN (SSL VPN) with the same VPN pool. I'm getting the error message I've mentioned above.
I need to provide multiple VPN options to our clients, but since I don't know which one they're going to use, I do not want to waste multiple /24 or /23 subnets for VPN access that might not be used so frequently. I'd rather have one /23 or /22 subnet assigned to one common VPN pool, and use that one across multiple VPNs. We've had this design used for our Microsoft Remote Access (Windows Server 2008/2012) solution, where all VPNs (PPTP, L2TP/IPsec, SSTP) have been sharing the same /23 VPN pool. I need to migrate the same network design to Sophos UTM Remote Access now.
Is there any workaround to achieve this? Am I missing something here?
Thank you for any help or advice.