This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remote Access SSL VPN Advice

Hi

I'm trying to get some advice on setting up a Remote Access SSL VPN if that's possible please.

I have a UTM box in place to filter my kid's Internet access, which is all working fine. I would like to expand that so that I can connect in from a remote location in order to access a Hyper-V server at home, but I need it to be over SSL, so that if I visit a customer site I'm not having to ask for any firewall rules to be modified to allow me through (for example, current company I'm at doesn't allow L2TP).

The setup I have is Internet > ISP router > UTM 'external' interface. I have to have the router in place because its Virgin Media cable broadband.

I have set something up that allows me to VPN to the external UTM interface using the pre-configured Sophos VPN client, but if I'm out at a customer site it needs to be the ISP supplied IP for my router that the client connects to, not the 'internal' IP. I'm guessing this is probably really simple, and I'm just missing it something.

Could anyone offer any advice?

Thanks in advance

This thread was automatically locked due to age.

0 Scott_Klassen over 10 years ago

Your router should have some kind of capability for port forwarding to forward the SSL VPN traffic to the external interface of the UTM. Is the router in bridged mode? That is optimal in these sort of situations to avoid the double NAT issue.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 tbennett365 over 10 years ago in reply to Scott_Klassen

Hi, yes I can do port forwarding on my Virgin router, but where do I tell the Sophos VPM client what target it should be connecting to (i.e. my public IP so that I can then push the traffic to the internal UTM interface)?

I haven't got the Sophos box in bridged mode. Not that clear on what that is (I should maybe read the manual there! [:)] )
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 10 years ago

Sorry, not the UTM, bridge the Virgin router. The target IP would need to be your external address to access over the internet.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 tbennett365 over 10 years ago in reply to Scott_Klassen

I was confused for a minute there, because when I read bridging I thought of wireless network extension. I realised what you meant after a minute though, because on the router that the ISP gave me its called 'modem mode'. That makes sense.

Thanks for some great advice!
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 10 years ago

If your able to set the Virgin into modem mode, then the external IP can be assigned directly to the external interface of the UTM.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel