
VPN issues

Hi,

I have set up an SSL VPN with access to the Internet and remote LAN resources.

When I connect the VPN using a Wi-fi connection, I cannot access remote LAN resources. However, if I connect to the VPN over a cellular connection, I can connect to the remote LAN resources with no issues.

I can't seem to figure out what is going on but it seems like it may be an issue with the IP? I used the default UTM IP range for the VPN. My remote LAN uses the 192.168.1.x range.

Is it possible that when I connect through Wi-fi and get a Wi-fi IP that is similar to my remote LAN (192.168.1.x) that when I attempt to access remote LAN resources the routing gets confused thinking I am looking for a resource on the Wi-fi and not the remote LAN?

Does anyone know how to resolve this issue?

Thanks.



  • Hi Matt,

    First, check #1 in the Rulz by Bob and check if anything is dropped in the firewall rule. If not, show us the configuration for SSL VPN.

    Thank You

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Hi, Matt, and welcome to the UTM Community!

    Please be specific about the subnets that are involved.  If both the WiFi subnet and a subnet on your UTM are 192.168.1.0/24, you have created a routing problem.  For any UTM that should be reachable from WiFi hot spots or other homes' WiFi, I recommend using a /24 in 172.16.0.0/12 to avoid such problems.  Google Private IPv4 address spaces.  Also, I recommend against changing the UTM's default VPN Pools.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
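
Added example (not part of the thread and not Sophos code): a Python model of the overlap described in the reply above, showing why a destination in 192.168.1.0/24 stays on the Wi-Fi interface but goes through the tunnel on cellular. The interface names, metrics and the cellular subnet are constructed assumptions; only the 192.168.1.x remote LAN and the 172.16.0.0/12 recommendation come from the posts.

```python
import ipaddress as ip

# Constructed sample data: the thread only states that the remote LAN is 192.168.1.x.
REMOTE_LAN = ip.ip_network("192.168.1.0/24")   # network reached through the SSL VPN
WIFI_LOCAL = ip.ip_network("192.168.1.0/24")   # hypothetical home/hotspot Wi-Fi subnet
CELL_LOCAL = ip.ip_network("10.64.12.0/24")    # hypothetical carrier-assigned subnet

def client_routes(local_net, local_if):
    """Simplified routing table of a connected client: (network, interface, metric).
    Metrics are assumed values; real clients differ by operating system."""
    return [
        (ip.ip_network("0.0.0.0/0"), local_if, 100),  # default route
        (local_net, local_if, 0),                      # on-link route for the local subnet
        (REMOTE_LAN, "tun0", 50),                      # route installed for the VPN
    ]

def pick_route(dest, routes):
    """Longest prefix wins; on equal prefix length the lowest metric wins."""
    dest = ip.ip_address(dest)
    matches = [r for r in routes if dest in r[0]]
    return min(matches, key=lambda r: (-r[0].prefixlen, r[2]))

def conflicts(local_net, pushed):
    """VPN networks that overlap the client's own local subnet."""
    return [n for n in pushed if n.overlaps(local_net)]

def suggest_lan(avoid):
    """First /24 inside 172.16.0.0/12 that overlaps none of the given networks."""
    for cand in ip.ip_network("172.16.0.0/12").subnets(new_prefix=24):
        if not any(cand.overlaps(n) for n in avoid):
            return cand
    return None

if __name__ == "__main__":
    for name, net, iface in (("Wi-Fi", WIFI_LOCAL, "wlan0"),
                             ("cellular", CELL_LOCAL, "wwan0")):
        route = pick_route("192.168.1.10", client_routes(net, iface))
        print(f"{name}: 192.168.1.10 leaves via {route[1]}, "
              f"conflicts={conflicts(net, [REMOTE_LAN])}")
    print("candidate LAN:", suggest_lan([WIFI_LOCAL, CELL_LOCAL]))
```

On the Wi-Fi table both /24 routes match the same destination, so the prefix length cannot separate them and the on-link route is chosen; on cellular only the VPN route matches.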
  • Thanks for your reply!

    That is exactly what I was afraid of...  So basically I have to change the entire network addressing schema of my LAN?  Wish there was a better way...

    Also, I did leave the UTM's VPN pool as the default.

    Thanks again...I'll check it out this week and see if that will fix the issue.