VPN L2TP Radius users import required for firewall rule

Hi,

I have set up a VPN Remote Access connection with L2TP and using Radius as the remote authentication. I can successfully connect, but no data flows unless I manually create a user object with the same username (and with the remote authentication setting) and add it to the firewall rule to allow access (as per the VPN configuration instructions). Using the group "Radius Users (User Group Network)" for the firewall rule doesn't seem to work. I don't want to have to manually make and set the firewall rule for 80-odd users, so is there another auto group I can use or a way to import Radius users?

Regards

Damien



  • Hi Damien,

    How about adding the L2TP network pool in a firewall rule instead of defining a User group? As the connected Users will get an IP address from the defined L2TP network pool, it can be used in the firewall rule to allow the traffic.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • I tried using the VPN Pool with a firewall rule to allow all data types from the VPN Pool to our internal network, but it only seemed to allow port 80 HTTP data to come through; everything else seemed to be blocked. If I used our internal DHCP server instead with a firewall rule of internal network->allow all data->internal network, this seemed to work (because I noticed in the firewall logs that data from that client was coming over an L2TP protocol, not TCP or UDP). I'm not sure if I understand what's happening here, but it works, and I don't think I've opened up too much to our VPN remote clients...