Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 2066 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

only gateway can access thru sslvpn

hktranstech
Hi Expert,

I have sucessed build a sslvpn thru 2 Sophos UTM9,
rules are as below :

firewall 1 is the server and firewall 2 is the client;
firewall 1 to firewall 2:
fw1tofw2.jpg
firewall 2 to firewall 1:
fw2tofw1.jpg

I have assign 192.168.81.6 for "Use static virtual IP address" at firewall 1
I can login to firewall 2's Sophos ie: https://192.168.11.26:4444,
and the network behind firewall 2 can ping the firewall 1 gateway: ie: ping 192.168.81.6

The problem is:
the network behind firewall can only ping the firewall 1 gateway but cannnot ping (or RTP) and computer behind the firewall 1 : ie: 192.168.81.88

Have I miss something important ?
Thx for advice,
Jessie


This thread was automatically locked due to age.
Parents
  • 0
    Which networks do you have at your VPN configuration under "Local Networks"?

    If you want internet traffic to go completely over through your VPN, you have to add the Internet object here (at site 1) and reimport the config at site 2:


    Also don't forget to add a Masquerading rule for the Remote_network in the UTM at site 1!

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Reply
  • 0
    Which networks do you have at your VPN configuration under "Local Networks"?

    If you want internet traffic to go completely over through your VPN, you have to add the Internet object here (at site 1) and reimport the config at site 2:


    Also don't forget to add a Masquerading rule for the Remote_network in the UTM at site 1!

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML