Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 29 replies
  • Subscribers 1 subscriber
  • Views 13667 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remote access via SSL

NewtoAstaro
UTM 9.105-9

I'm the Domain Administrator and I VPN to our domain then I RDP to computer A - no problem. If I now RDP to computer B from computer A - no problem. I log off computer B and then log off computer A and then try to RDP to computer B, I get a popup saying that either RDP is not enabled, the computer is not responding or is turned off. I've examined the windows firewall for that computer B and it is the same as computer A and its Logs have nothing significant. Is this likely to be an Astaro issue?


This thread was automatically locked due to age.
  • 0
    Note that you have changed from "desktop, A & B" to "A, B & C" - making this thread difficult to follow.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    BAlfson: Apologies for any confusion. I'm trying to be consistent in that A is the machine I'm remotely sitting on, B is the machine I'm trying to get to and C is another machine on the same network as B but one that I can reach. Some further confusion may have arisen as I explained that I can reach B by going via C, but that is unsatisfactory (and slow) so I do need to go directly.
  • 0 in reply to NewtoAstaro
    netstat -r on C shows that it also makes no mention of 10.242.2.0/255.255.255.0.
  • 0
    Please open up a live firewall log to see whether Sophos is blocking (or passing) or whether the problem lies somewhere else.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0 in reply to apijnappels
    The Firewall log shows nothing relevant BUT, I can remote to B if I VPN from my iphone (pptp)! So, why not via ssl. There are no relevant entries in B's event viewer.
  • 0
    If you don't see anything in the firewall log, this probably means that the traffic is allowed (assuming you have automatic firewall rule for the SSL connection), so that's good.
    But while PPTP is working and SSL is not, this may indicate that either the UTM (and in that case you may have overlooked something in the firewall) or the computer B is blocking it. 
    SSL by default uses: 10.242.2.0/24, PPTP by default uses 10.242.1.0/24

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0
    Hi, you could run a sniffer to confirm the traffic is going through the firewall.
    tcpdump is available on the firewall, or you could run WireShark on the affected PC.

    Barry
  • 0
    Have you installed the OpenVPN app on your iPhone?  It works great and is configured automatically via Safari and the User Portal.  If that works, then you'll have proof that the issue is the client PC.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Folks, I apologise for my long absence, a combination of illness and family issues. I don't like leaving issues "hanging", so I'm here to round it out. The problem has not been resolved but changes in the organisation make it academic as the laptop in question is no longer part of the network and therefore unavailable. Many thanks to all of you for your patience and advice.
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML