L2tp VPN Connection Problems

Hi there

I have the following problem

Accessing the external IP from the internal network is difficult.
For the internal network I added a Full NAT rule. Internal clients can now connect to our own external IP. They get redirected to the server.

However, clients connected via VPN can't.

For Internal Clients the following rule is active:

Internal Network --> ANY --> External IP
Change Source Internal IP 
Change Target Server IP

However, I can't do this for VPN clients:

L2TP Pool --> Any --> External IP
Change Source Internal IP
Change Target Server IP

doesn't work

Please help me out. I have been trying for days.


This thread was automatically locked due to age.
  • Hi, reptile, and welcome to the User BB!

    When you are connected via L2TP/IPsec, the IP of the "External (Address)" is not reachable.  It is reachable when you are connected via SSL VPN, but, in that case, I think the traffic does not transit the VPN tunnel.

    I like the L2TP/IPsec solution though, so you might want to consult Accessing Internal or DMZ Webserver from Internal Network.  Also, on the 'Advanced' tab of 'Remote Access', you can assign your UTM as the primary DNS server for your Remote Access users.  Don't forget to add the appropriate VPN Pools to 'Allowed networks' in 'Network Services >> DNS'.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA