How to use an established site-to-site SSL client connection?

I'm trying to use my privateinternetaccess.com VPN through the Sophos, but I think I'm failing to grasp the fundamentals of how Sophos manages an SSL VPN connected as a client. I've established the VPN tunnel, but I was expecting it to be represented as an interface like it is in pfSense. I would like to be able to pick and choose which traffic routes out the VPN tunnel vs the WAN. Every time I enable the SSL VPN, I lose all internet traffic. I suspect this is due to the lack of firewall/NAT configurations for the VPN.

Can I prevent the VPN tunnel from rerouting my internet bound traffic by default?

Can I route specific traffic out the VPN, such as just http traffic or an entire VLAN?

How do I apply firewall/NAT rules directly to the VPN tunnel, or is it controlled with the default external network rules?



This thread was automatically locked due to age.
  • Hi, Andrew, and welcome to the UTM Community!

    I'm not following your explanation of what you want. I understand that it doesn't work like pfSense. I can't tell if you're talking about a site-to-site connection with another Sophos UTM or about an OpenVPN client connecting to the UTM's SSL VPN Remote Access service.

    First, consider #2 in community.sophos.com/.../22065.

    Please click on "Use rich formatting" to attach a picture of the VPN configuration open in Edit.
     
    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA