Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 2 subscribers
  • Views 25569 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ssl VPN no Internet

shoutcast
Hello I can not get internet to work when connected to vpn for the life of me. Communication between other internal computers works fine but no internet.

OK i am on UTM 9

In SSL
- Created user in allowed Users and groups
- Local networks put in "internal network" and "any"
- Unchecked automatic firewall

In NAT created a new masquerading
vpn ssl pool --> external

In Firewall created 2 new rule
User --> Any --> Any
Vpn ssl pool --> any --> any

Now I have tried many different configurations but none worked.. But this is the setup that I read to allow internet traffic from vpn user.. I am so lost and frustrated.. Please help


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson
    Is "VPN Pool (SSL)" in 'Allowed networks' for DNS?

    Cheers - Bob


    Nope it wasn't.. It is now.. Strange though wouldn't think that I would need to put that.. would think it was automatic.. guess not.. well problem solved.. that was the issue.. 

    Thanks to all that replied.. Was ready to pull my hair out..
  • 0 in reply to shoutcast
    So to wrap this one up its:

    Network Services / DNS / VPN Pool (???)
    Network Protection / NAT / New masq rule / VPN Pool (???)->External
    Remote Access / SSL / User -> Any

    If you want the SSL users to be filtered through the transparent proxy:
    Web Protection / Web Filtering / VPN Pool (???)

    Hope that helps.
  • 0 in reply to Pedulla

    I have been using Sophos VPN SSL for a while. Same setup as in the "wrap up"; however, recently I noticed I had not specified masquerading rule for "VPN Pool". This has been bothering me, and I read other threads, but I can't seem to get it. I  believed all traffic from "remote users" have been going through UTM because when I remote from outside, and I type IP in my browser I get my sophos public IP. I set manual FW rules:

              a. remote user ---> my DNS server

              b. remote user ---> Internet IPv4

    Does it mean that only web traffic goes through "Sophos transparent proxy" but not necessarily all traffic?

    I am using UTM 9.509

    Thank you,

    Martin

  • 0 in reply to martin_sh

    Apparently, you've not been doing anything other to the Internet over the VPN except browsing.  The Transparent Web Proxy only handles HTTP (80) and HTTPS (443) if selected.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thank you Bob for the confirmation. So, don't forget to add masquerading rule "VPN Pool --> WAN" if you want everything to be tunneled through Sophos SSL VPN.

    Also, under "Remote Access - Advanced - Client Options" I set my DNS servers; however, I was wondering weather this is necessary if "VPN Pool" is already listed in the Global Allowed Networks for DNS?

    Thanks Bob again - helpful as always!

     

    Martin

Unfiltered HTML