How to connect to a subnet behind a Remote Access SSL VPN client

Hi!

I created a Remote Access SSL VPN Profile, with a masquerade rule (VPN Pool (SSL) --> Internal). I'm using an Asus router on the remote site.
The Asus router has a builtin VPN client and it was pretty easy to configure. The Asus router connects without any problems and, thanks to the masquerade rule, the clients on the remote subnet (behind the Asus router) can connect with the clients on the internal subnet (behind the Sophos UTM) without any problems.

I would like to connect from an internal client to a host on the remote subnet (behind the Asus router). Because I use the default VPN Pool (SSL), the Asus router SSL VPN client is on IP address 10.242.2.2. I can connect to the Asus web interface (on 10.242.2.2) from a client on the internal subnet. I can't connect to a host on the 192.168.0.0/24 subnet.

Obviously the internal client is sending traffic for 192.168.0.0/24 to its gateway, the Sophos UTM. But when I use the support tools on the UTM and trace traffic from the UTM to 192.168.0.0/24, it sends that traffic to its gateway (the ISP router) :-(
How can I tell the UTM to send traffic for 192.168.0.0/24 to gateway 10.242.2.2 (the Asus router)?
To be clear:

Internal subnet - SOPHOS UTM <------------------ ASUS Router builtin (OpenVPN client) - Subnet on remote site (192.168.0.0/24)

Regards!

Jeroen



  • Hi, Jeroen, and welcome to the UTM Community!

    Sorry, I don't understand.  You want to route traffic "from 192.168.0.0/24 to 192.168.0.0/24" over a tunnel?  Not possible - basic TCP/IP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thank you for your reply! The internal network on the Sophos site isn't using 192.168.0.0/24, it uses 10.0.0.0/24. I'm sorry I didn't make that clear....
    Internal subnet (10.0.0.0/24) - SOPHOS UTM <------------------ ASUS Router builtin (OpenVPN client) - Subnet on remote site (192.168.0.0/24)

    I want to route traffic from the 10.0.0.0/24 subnet to 192.168.0.0/24 subnet, over the SSL VPN tunnel.

    Regards,

    Jeroen
