Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 1896 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

v7 120 SSL VPN Server: not as firewall / router

stefanzman
This customer had been using the SOPHOS UTM 120 as the primary firewall until only a few days ago. 

For reasons that I cannot currently explain, they reverted to using the ATT modem as the primary firewall, and they want the UTM 120 to still provide the SSL VPN server features. 

They have multiple static public IPs, so I setup UTM 120 with a separate public IP and gave it a static internal IP on the same LAN/ subnet managed by the ATT device. The SSL VPN client connects successfully, but it can only see _ping_ the internal LAN ip of the UTM 120. It cannot see any of the other machines on the LAN. 

I have made sure that the packet filter rules allow SSL VPN POOL LAN. I can ping the other machines successfully on the LAN directly from the UTM 120. What am I missing here? Is there some other routing that needs to be created when the UTM device is the VPN server but *not* the router / firewall? Thanks for your help


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BarryG
    Yes, if the internal machines don't have a route to the UTM for VPN traffic, it won't work.

    Barry


    I thought that a VPN server could exist behind an existing router / firewall / gateway. Can't the 120 be configured just to provide VPN server capabilities?
Unfiltered HTML