
No internet access through L2TP VPN

Hello Forum People,

I hope you can help me with that issue.


I have set up a remote access via L2TP/IPsec for two devices and both connect properly. I also have access to my internal network.

Unfortunately, I couldn't get internet access via the VPN working yet.

Settings I made so far:

Firewall:

  • from L2TP Network to Internal Network and WAN IP (any service)
  • from L2TP Network to internet IPv4 / IPv6 (any service, logging enabled)
  • from Internal Network to L2TP Network

NAT

  • from L2TP Network to WAN

Ping is going through, but I guess that's due to the ICMP settings.

Devices are one iPhone and one MacBook Pro, both configured via the user portal.

In the firewall log I can see packets going out to public IP addresses, but nothing blocked on the way back.

DNS isn't working either; the L2TP Network is added to the allowed networks.


I'm running out of ideas, could anyone help?

Best Regards,

Arne

  • Hallo Arne and welcome to the UTM Community!

    The L2TP client contains the selection for this.  Check 'Use default gateway on remote network' behind the [Advanced] button in the [Properties] of IPv4 on the 'Networking' tab.  If you still don't get Internet, confirm that you have a Masq rule 'VPN Pool (L2TP) -> External'.  Also, you might want to add "VPN Pool (L2TP)" to 'Allowed Networks' in Web Filtering.

    Any better luck now?

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I know this thread is a couple of years old, but I was having the same problem: no Internet access while on VPN.
    After making a connection, I discovered that there was no DNS entry for a public DNS server once connected to the VPN.
    My L2TP client (macOS L2TP client) was set to send all traffic through the tunnel (if I didn't, I could not access internal devices on the target VPN network).
    My FW rules seemed correct, nothing special on the VPN rules, and my primary Internal to WAN rule had my local LAN and VPN as source to any WAN destination.
    Initially I had thought that the XG would route to an external DNS for public IPs based on the Network...DNS setting I had (where I put in static public DNS IPs).
    Apparently, those do not get added to the L2TP VPN connection.
    In the L2TP settings on the XG (VPN...Show VPN Settings...L2TP) I had the local IP of the XG as Primary DNS, but nothing else, so I added Google DNS (8.8.8.8) as the secondary.
    Now when connecting to the VPN, I can also get to the Web.

    Hope this helps anyone having this issue.

    Lonnie