Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2252 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Whats the best way to allow unrestricted traffic accross a Site to Site SSL VPN?

JohnKenny
Hi,

I have set up a Site to Site SSL VPN and it works fine as i can connect to hosts on the other sites, but does the VPN use the NAT & Firewall rules or is it open?  Its just some users would like to be able to browse the network and be able to see Hosts on the other Site LAN not just the local LAN, is this doable?

Also we have services that must use Broadcasts to work as you dont actually set up IP addresses, the software just autodetects the Server with the Service.  Im assuming this is using broadcast to acheive this.  So is there a way to get the 2 connected Sites to act like 1 single LAN?  Would 1:1 NAT do this?

I have tried looking at the Firewall Log to see where traffic is being allowed or blocked but I cannot see any entries that seem like there using the VPN.

Can anyone help?

Thanks

JK


This thread was automatically locked due to age.
Parents
  • 0
    This is not possible with the SSL implementation on the UTM.
    You might have success with setting up a RED connection between the sites and then bridge the RED interface to your internal network.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Reply
  • 0
    This is not possible with the SSL implementation on the UTM.
    You might have success with setting up a RED connection between the sites and then bridge the RED interface to your internal network.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Children
No Data
Unfiltered HTML