Sophos AP/APX users may experience issues registering to Sophos Central. More info available here: Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
I suspect that you need a Static Route. I'm having trouble visualizing what works and what doesn't work with SSL VPN Remote Access. Perhaps you could show us a diagram including subnets of what doesn't work as well as a picture of the Edit of the SSL VPN Profile.
Cheers - Bob
Is your SSL VPN configured to use UDP? If not, change to UDP and re-test.
There are some perverse things that can happen if you run one TCP session inside another TCP session. Basically, retransmits in one layer can trigger unwanted retransmits in the other layer. Do a web search for"TCP Meltdown" if you want more details.
In reply to BAlfson:
In reply to chronowerx:
Getting closer, Ken. What are 172.16.2.22 and .56? What subnet does "VPN Pool (SSL)" contain? What IP are the SSL VPN clients connecting to? What port(s) does the sharer use?
Please show the Edit of the SSL VPN Profile. You can copy and paste an image directly here and we'll know that it can't be modified to contain malware by some hacker. I opened your links in a sandbox just in case. We can't know if an external site is properly protected. The only malware I've gotten in over 10 years was from an external link to a picture in this forum about six years ago.
Let me say something in my own words to see if I understand what's not working. When client 1, connected via VPN, shares a session to directly-connected client 2, Client 2 receives the sharing offer and initiates a viewing session of that offer. Wireshark shows the viewing session packet arriving on the UTM but not leaving the UTM. There is nothing in the Firewall or Intrusion Protection log indicating that the UTM blocked the packet.
"Working as intended," let's say - glad you found the problem! Even when I "know" I won't find anything, I always do #1 in Rulz to leave no doubt.