SSL-Remote access over IP-SEC Site to site tunnel

Hi Community,

Maybe you are wondering what I plan to do, just because of the title, but nevertheless you opened this thread. :-)

So, I've got a small remote office with some users; they have a small UTM, a DSL line, no static IP, a typical small environment. But they have their own user directory and their own file server, which they want to have access to. It would be easy to give them SSL-VPN Remote Access, but they don't have a static IP. I don't want to mess around with dyndns.

And I have my main office, where I have a public IP-Network and a big UTM and so on.

So in order to give them the chance to do Remote Access, I thought it could work out to establish an IP-SEC tunnel from the small office to the main office and to give them a small public IP network over the IP-SEC connection. So far, so good, but how to bind the SSL-VPN to the tunnel? Since you can only select "real network interfaces" on the SSL settings tab, I don't see any chance to bind the SSL-VPN to the "tunneled" public IP address.

Got my problem? Anyone been so crazy as to try something like this before?

Regards, Rolf



  • Hi Sachingurung,

    No, the question is not accessing the main office from the small site, that's clear.

    The question is how to give the users of the small office access to their systems at the small site.

     

    I know that there are several other options. You could run the remote access on the main office and route them over the tunnel to the small office. Downside: you must administer the users at the main site, don't like that.

    As mentioned before, you could use dyndns as well, to access the dynamic public IP of the small office, but that is not nice.

    I think there are even more options, but the one I'd like best is the one I've outlined.

    Any suggestion?

    Regards, Rolf