Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 2082 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

only gateway can access thru sslvpn

hktranstech
Hi Expert,

I have sucessed build a sslvpn thru 2 Sophos UTM9,
rules are as below :

firewall 1 is the server and firewall 2 is the client;
firewall 1 to firewall 2:
fw1tofw2.jpg
firewall 2 to firewall 1:
fw2tofw1.jpg

I have assign 192.168.81.6 for "Use static virtual IP address" at firewall 1
I can login to firewall 2's Sophos ie: https://192.168.11.26:4444,
and the network behind firewall 2 can ping the firewall 1 gateway: ie: ping 192.168.81.6

The problem is:
the network behind firewall can only ping the firewall 1 gateway but cannnot ping (or RTP) and computer behind the firewall 1 : ie: 192.168.81.88

Have I miss something important ?
Thx for advice,
Jessie


This thread was automatically locked due to age.
Parents
  • 0
    Oh, and don't add the Firewall 1's DNS server at the Firewall 2, but add the Firewall 1's internal IP address at the Firewall 2's DNS forwarders.
    You also will have to allow the internal IP address of Firewall 2 at Firewall 1 -> Network services DNS -> Allowed Networks.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Reply
  • 0
    Oh, and don't add the Firewall 1's DNS server at the Firewall 2, but add the Firewall 1's internal IP address at the Firewall 2's DNS forwarders.
    You also will have to allow the internal IP address of Firewall 2 at Firewall 1 -> Network services DNS -> Allowed Networks.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Children
No Data
Cookie Information Banner