Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 3 subscribers
  • Views 28051 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

routing all traffic in through the outside interface and out through a dedicated VPN outbound port?

xyyz 2000

So, avoiding split tunneling (although, i wouldn't even know how to configure that), how would I allow all traffic to be filtered through the VPN?  At the moment, I have setup SSL on my SophosUTM 9.4 box.  I can connect and fetch anything I need from within the network, but since split tunneling is not functioning (and I really don't want it to be functioning) all access is restricted to the inside network.

Now, I'd would like to access the internet while connected to my VPN but through an additional interface (third one) to the SophosUTM box.  Is there any way to do this, route all traffic through that third interface when I'm out and about.

Can someone please instruct me on how to do this?

Appreciation in advance



This thread was automatically locked due to age.
Parents
  • 0

    Hi, and welcome to the UTM Community!!

    Please insert a picture of your SSL VPN Profile open in Edit and one of the 'Settings' tab.  Also, a picture of 'Allowed Networks' in your Web Filtering configuration.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks for your reply Bob!

    Here's what you requested


  • 0 in reply to xyyz 2000

    If you already have the 3rd interface setup and allow your internal network to browse the internet ie the correct routing or NAT, I would imagine it will be a simple case of allowing "internet" through the tunnel ie add it to your local networks on the vpn.

  • 0 in reply to Louis-M

    wouldn't that be a split tunnel of it's going out on the same interface it's coming in?  am i misunderstanding?

  • 0 in reply to xyyz 2000

    I admit that I'm not sure I understand what you want to do.

    If you want to use Web Filtering when connected via SSL VPN, you must add "SSL Pool (small)" to 'Allowed Networks' there.

    If you have another WAN connection or just an Additional Address and you want your Internet browsing to go out from there when you VPN in, then you cannot do that if using Web Filtering.

    In the SSL VPN Profile, rather than the "Any" object, use the "Internal (Network)" and "internet" objects to have a full (not split) tunnel.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to xyyz 2000

    I admit that I'm not sure I understand what you want to do.

    If you want to use Web Filtering when connected via SSL VPN, you must add "SSL Pool (small)" to 'Allowed Networks' there.

    If you have another WAN connection or just an Additional Address and you want your Internet browsing to go out from there when you VPN in, then you cannot do that if using Web Filtering.

    In the SSL VPN Profile, rather than the "Any" object, use the "Internal (Network)" and "internet" objects to have a full (not split) tunnel.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML