Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 2023 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cisco VPN / additional Address

gomi
Hi there, 
I'm going slightly mad [:(] and i hope someone can help me.

I have a new location with an cable modem & UTM9. The only ip that i recieve from the modem is a dynamic ip (dhcp).
On the External (WAN) Interface i have two additional addresses (static ip's)- works fine i can connect to the internet and otherwise i can use webadmin. 

But now i need a vpn connection (Cisco VPN Client).
The "Server Adress" for the connection is one of the additional addresses.

I can ping the address, but ipsec did not react - the log is empty. (when i try a connection to the dynamic address (dhcp) it'is working).

I search & read in a thread that i can create a SNAT rule.
But i have no idea what i must use in 'traffic from' 'going to' (services are, i think the 4 ipsec-services) and 'change the source  to'
All 'experiments' gone wrong.

In the future i also need a site-to-site ipsec connection. 
im going nuts...

thank's for help.


This thread was automatically locked due to age.
Parents
  • 0
    Please click on [Go Advanced] below and attach a picture of your SNAT.  Does #1 in Rulz give you any clues?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    thanks for answering me bob.

    Intrusion Prevention ist deactivated
    Advanced Threat protection is empty

    im now totally confused and delete all my snat rules.. 
    i have no idea..... [:(]
Reply Children
No Data
Unfiltered HTML