SSL VPN - No LAN connectivity

Hi,

New Sophos user here, currently testing the software-based version. I'm having some issues with the SSL VPN: I can connect fine, but can't access any resources on the LAN. Details:

Firmware version: 9.201-23
Latest SSL VPN software downloaded from HTML Portal
Auto Firewall box ticked
Webadmin / SSH works using the internal UTM Address

nslookup was failing, so I added the internal UTM address in the SSL DNS settings; it started working after that. However, I still cannot ping or browse any internal / external links.

Any help is appreciated! Thanks in advance.


  • You should never need a NAT rule for the internal network. If both your SSL VPN clients point to the UTM as gateway and the clients connected directly to the UTM also point to the UTM as gateway (each on their own interface IP address, of course), and you have auto firewall and your internal network configured in your VPN config, then you should be able to connect without using NAT.
    For connection to the Internet over the UTM you do indeed need a masquerading rule, but this has nothing to do with Auto firewall rules.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.
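
The gateway condition in the reply above can be checked per LAN host with a longest-prefix route lookup. This is an added example, not part of the thread or Sophos code; all addresses, the VPN pool and the host route tables are constructed sample values, and it also covers the converse case of a host whose default gateway is not the UTM.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs; gateway None = on-link."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), gw) for p, gw in routes
               if dst in ipaddress.ip_network(p)]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_returns_via_utm(host_routes, vpn_client_ip, utm_lan_ip):
    """True if the LAN host sends its reply to the VPN client back through the UTM."""
    return next_hop(host_routes, vpn_client_ip) == utm_lan_ip

def needs_masquerade(src_ip):
    """Internet-bound traffic from a private source needs source NAT at the UTM."""
    return ipaddress.ip_address(src_ip).is_private

# Constructed sample values (assumptions, not taken from the thread).
UTM_LAN_IP = "192.168.1.1"
VPN_CLIENT = "10.242.2.6"          # address handed out from the SSL VPN pool

# Host A: default gateway is the UTM, as the reply describes.
HOST_A = [("192.168.1.0/24", None), ("0.0.0.0/0", UTM_LAN_IP)]
# Host B: default gateway is a different router, so replies never reach the UTM.
HOST_B = [("192.168.1.0/24", None), ("0.0.0.0/0", "192.168.1.254")]
# Host C: other default gateway, plus a static route for the VPN pool via the UTM.
HOST_C = HOST_B + [("10.242.2.0/24", UTM_LAN_IP)]

if __name__ == "__main__":
    for name, routes in (("A", HOST_A), ("B", HOST_B), ("C", HOST_C)):
        ok = reply_returns_via_utm(routes, VPN_CLIENT, UTM_LAN_IP)
        print(f"host {name}: reply returns via UTM = {ok}")
    print("VPN client needs masquerading for Internet:", needs_masquerade(VPN_CLIENT))
```
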
