This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Question: SSL VPN RA and SSL VPN Site-to-Site Routing

Hello,

First of all: Thank you for this great product! For about 2 months I am using the ASG UTM 9.0 at home and at my parents and very happy with it.

My question concerns routing with VPN SSL, the setup:

Site A
Internal Network A 192.168.0.0
VPN SSL Pool A 192.168.11.0

Site-to-Site VPN SSL connecting Sites A – B, working

Internal Network B 192.168.2.0
VPN SSL Pool B 192.168.12.0

Local devices on site A can access anything on site B and vice versa, rules are set and working.

Remote Access VPN SSL working on site A and site B. All 4 subnets are defined and added to the RA definition on both UTMs.

However, if a my client (Macbook Pro 10.8.3 SSL client Viscosity) is connected to site A, it cannot see the subnets from site B and vice versa.

I tried static routes on the Macbook, I tried static routes on the UTM, didn’t work out. What did I miss?

Best regards,

This thread was automatically locked due to age.

Parents

0 BAlfson over 12 years ago

Hi, Ramirez, and welcome to the User BB!

Try this KnowledgeBase article: How to allow remote access users to reach another site via a Site-to-Site Tunnel

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 12 years ago

Hi, Ramirez, and welcome to the User BB!

Try this KnowledgeBase article: How to allow remote access users to reach another site via a Site-to-Site Tunnel

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 ramirez77 over 12 years ago in reply to BAlfson

Thank you for the Welcome and the fast reply.

I followed the KB article and changed the site-to-site connection to IPsec. Since I had it tested before was a few clicks to re-enable it. There was 1 change from the article: To add "Internet" to Site1 defs; so I did that.

However, I am getting the same result, its not routed.

Tomorrow I will have more time and delete all definitions and entries for VPN and start over, just to be double sure there is nothing I missed.

PS: Since I prefer in the end SSL over IPSec: Is IPSec a must if I want SSL for RA or can SSL be used for site-to-site and RA at the same time?
Cancel
Vote Up 0 Vote Down

Cancel

Question: SSL VPN RA and SSL VPN Site-to-Site Routing

Submitted a Tech Support Case lately from the Support Portal?