How to create a VPN between local computers with different network subnets?

Hello,

I have a rather interesting problem...

I have in my environment a computer with a static IP (192.168.1.9/24), and an ESXi which hosts a Sophos as a VM.

I also have a Win 8.1 as a VM (inside the ESXi host of course), and it has an IP of 192.168.2.15/24.

I can give that VM 2 legs (for connecting to the internet and the local resources), one internal (which sits behind the Sophos) and one external (which connects directly to the Internet).

For security reasons, I don't want to connect that VM to the external leg, but connect the VM via VPN to the 192.168.1.0/24 network (for the resources).

My problem starts here:

I used PPTP (I tried SSL and IPSec, not working for my setup), and I managed to connect the VPN... but I keep getting this address:

192.168.1.2/36, leave the fact that my ESXi has the 192.168.1.2/24 IP address...

I am at a loss; I tried combing through the internet, with no luck.

Please, I do need your assistance.



This thread was automatically locked due to age.
  • Why not use a Site-to-Site tunnel instead of Remote Access?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thank you for your comment, but,

    how can the site-to-site solution help me?

    I am afraid I am not too familiar with site-to-site with only one Sophos.

  • The solution with Remote Access is very complex. It will be easier to set up a site-to-site. If you want to continue about that, please show a simple diagram of the desired topology including obfuscated IPs.

    Cheers - Bob

     
  • Thank you for the quick comment,

    I'm adding a link to the Visio diagram that shows what I wish to have in my topology

    [Edited]

    Again,

    thank you Bob :)

    P.S.

    I forgot to mention this: my router is dealing 192.168.1.0/24, and my Sophos is dealing 192.168.2.0/24.

  • I'm sorry, but that site isn't trusted. Please Edit that post, delete the link and insert your image into the post. We can't know if that external site is properly protected. The only malware I've gotten in over 10 years was from an external link to a picture in this forum several years ago.

    Cheers - Bob

     
  • Fair enough,

    I have removed the link and I'm posting the image (I might have gone a little overboard with the "simple" design).

    P.S.

    For clarification,

    the resource image represents 3 different WD My Cloud devices.

  • The "Remote Computer" should be able to access the "Resources" with just a firewall rule in the UTM.  Have you tried that?

    Cheers - Bob

     