This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN Connection only for some Target Addresses

Hi,

I've kind of a special requirement:
I've an Internet connection with a govermental firewall and so I have a VPN Connection, to allow access to some needed blocked websites.
But the traffic through the VPN is slower so I want to route the traffic depending on a configurable list of IPs/Hostnames.
But now after establishing the SSL-VPN with Sophos all the traffic is routet through this VPN. I couldn't find a configuration menu to change this. Is there a way directly with Sophos to handle this or how can you run this setup with sophos?

thanks,
linuxadmin

This thread was automatically locked due to age.

Parents

0 linuxadmin_01 over 10 years ago

From Sophos:


2014:08:17-10:49:03 firewall pluto[19708]: listening for IKE messages
2014:08:17-10:49:03 firewall pluto[19708]: forgetting secrets
2014:08:17-10:49:03 firewall pluto[19708]: loading secrets from "/etc/ipsec.secrets"
2014:08:17-10:49:03 firewall pluto[19708]: loaded XAUTH secret for USERNAME 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 %any
2014:08:17-10:49:03 firewall pluto[19708]: forgetting secrets
2014:08:17-10:49:03 firewall pluto[19708]: loading secrets from "/etc/ipsec.secrets"
2014:08:17-10:49:03 firewall pluto[19708]: loaded XAUTH secret for 12m623944 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 %any
2014:08:17-10:49:03 firewall pluto[19708]: loading ca certificates from '/etc/ipsec.d/cacerts'
2014:08:17-10:49:03 firewall pluto[19708]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA.pem'
2014:08:17-10:49:03 firewall pluto[19708]: loading aa certificates from '/etc/ipsec.d/aacerts'
2014:08:17-10:49:03 firewall pluto[19708]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2014:08:17-10:49:03 firewall pluto[19708]: loading attribute certificates from '/etc/ipsec.d/acerts'
2014:08:17-10:49:03 firewall pluto[19708]: Changing to directory '/etc/ipsec.d/crls'
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "S_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: "S_Saturn VPN L2TP/IPSec" #2: initiating Main Mode
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: packet from 199.168.100.253:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"

Reply

0 linuxadmin_01 over 10 years ago

From Sophos:


2014:08:17-10:49:03 firewall pluto[19708]: listening for IKE messages
2014:08:17-10:49:03 firewall pluto[19708]: forgetting secrets
2014:08:17-10:49:03 firewall pluto[19708]: loading secrets from "/etc/ipsec.secrets"
2014:08:17-10:49:03 firewall pluto[19708]: loaded XAUTH secret for USERNAME 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 %any
2014:08:17-10:49:03 firewall pluto[19708]: forgetting secrets
2014:08:17-10:49:03 firewall pluto[19708]: loading secrets from "/etc/ipsec.secrets"
2014:08:17-10:49:03 firewall pluto[19708]: loaded XAUTH secret for 12m623944 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 199.168.100.253
2014:08:17-10:49:03 firewall pluto[19708]: loaded PSK secret for 192.168.2.1 %any
2014:08:17-10:49:03 firewall pluto[19708]: loading ca certificates from '/etc/ipsec.d/cacerts'
2014:08:17-10:49:03 firewall pluto[19708]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA.pem'
2014:08:17-10:49:03 firewall pluto[19708]: loading aa certificates from '/etc/ipsec.d/aacerts'
2014:08:17-10:49:03 firewall pluto[19708]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2014:08:17-10:49:03 firewall pluto[19708]: loading attribute certificates from '/etc/ipsec.d/acerts'
2014:08:17-10:49:03 firewall pluto[19708]: Changing to directory '/etc/ipsec.d/crls'
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "S_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: "S_Saturn VPN L2TP/IPSec" #2: initiating Main Mode
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"
2014:08:17-10:49:03 firewall pluto[19708]: packet from 199.168.100.253:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2014:08:17-10:49:03 firewall pluto[19708]: added connection description "X_Saturn VPN L2TP/IPSec"

Children

No Data