
Sophos Connect blocks SNMP

After establishing the connection between XG Firewall version 17.5.1 MR1 through Sophos Connect, communication from the server installed behind the router to port udp/161 on the remote computer is impossible. Changing the VPN client to another one, for example to the Cyberoam VPN SSL or SecurePoint SSL VPN, causes the immediate return of communication via UDP. For all three tests this remote computer received an IP from the same subnet, and snmpwalk from the same server was used. Could this be a Sophos Connect error?



This thread was automatically locked due to age.
  • Hello Michal,

     

    Without additional information it is hard to pinpoint the exact cause of the problem you are having with Sophos Connect Client. What is the policy configuration? Is it a tunnel-all policy or a split tunnel policy? If it is a split tunnel policy, check if the destination network includes the network where the server is located. There is nothing in Sophos Connect that will specifically block communication via UDP/161.

     

    Please let me know.

     

    Ramesh

  • Thank you for your response. This is a tunnel policy with full access to all private addresses behind the router.

    {
      "name": "IT",
      "managed": false,
      "version": 1,
      "gateway": "a.b.c.d",
      "vip": "0.0.0.0",
      "auto_connect": {
        "name": "10.77.77.254",
        "required": false,
        "enabled": true
      },
      "proposals": "aes256-sha2_256-modp1024",
      "dpd_delay": 60,
      "rekey_time": 15300,
      "start_action": "none",
      "local_auth": {
        "psk": {
          "id": "0.0.0.0"
        },
        "xauth": {
          "can_save": true
        },
        "otp": false
      },
      "remote_auth": {
        "psk": {
          "id": "%any",
          "secret": "efgh"
        },
        "otp": false
      },
      "child": {
        "rekey_time": 3060,
        "remote_ts": [
          "10.0.0.0/8",
          "172.16.0.0/12",
          "192.168.0.0/17",
          "52.5.76.173/32"
        ]
      }
    }

     

    However, it looks like the problem lies somewhere else. After establishing the VPN tunnel through Sophos Connect, I unexpectedly get the following gateway: 169.254.128.128.


    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination  Netmask           Gateway          Interface        Metric
    0.0.0.0              0.0.0.0           192.168.178.1    192.168.178.222  25
    10.0.0.0             255.0.0.0         169.254.128.128  10.0.101.200     45
    10.0.101.200         255.255.255.255   On-link          10.0.101.200     291
    52.5.76.173          255.255.255.255   169.254.128.128  10.0.101.200     45
    127.0.0.0            255.0.0.0         On-link          127.0.0.1        331
    127.0.0.1            255.255.255.255   On-link          127.0.0.1        331
    127.255.255.255      255.255.255.255   On-link          127.0.0.1        331
    172.16.0.0           255.240.0.0       169.254.128.128  10.0.101.200     45
    192.168.0.0          255.255.128.0     169.254.128.128  10.0.101.200     45
    192.168.137.0        255.255.255.0     On-link          192.168.137.1    311
    192.168.137.1        255.255.255.255   On-link          192.168.137.1    311
    192.168.137.255      255.255.255.255   On-link          192.168.137.1    311
    192.168.178.0        255.255.255.0     On-link          192.168.178.222  281
    192.168.178.222      255.255.255.255   On-link          192.168.178.222  281
    192.168.178.255      255.255.255.255   On-link          192.168.178.222  281
    224.0.0.0            240.0.0.0         On-link          127.0.0.1        331
    224.0.0.0            240.0.0.0         On-link          192.168.178.222  281
    224.0.0.0            240.0.0.0         On-link          192.168.137.1    311
    224.0.0.0            240.0.0.0         On-link          10.0.101.200     291
    255.255.255.255      255.255.255.255   On-link          127.0.0.1        331
    255.255.255.255      255.255.255.255   On-link          192.168.178.222  281
    255.255.255.255      255.255.255.255   On-link          192.168.137.1    311
    255.255.255.255      255.255.255.255   On-link          10.0.101.200     291
    ===========================================================================

     

    Meanwhile, all interfaces on the router have either a fixed IP address or are disabled. I do not have any virtual interfaces or bridges configured. So where did the VPN server pick up such an address from? From which router interface?

     

     

  • Hello Michal,

     

    That IP address is the WAN IP address of the gateway you are connecting to. You will find the defined gateway from this attribute "gateway": in the policy. Please let me know if you have any questions on this. 

     

    Ramesh
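
Added example, not part of the original thread and not Sophos code: the split tunnel check suggested in the first reply can be run mechanically against the posted policy and route table. The sketch tests a destination against the policy's `remote_ts` selectors and picks the route the client would use by longest prefix match; the destination addresses in the demo are constructed, and the function names are hypothetical.

```python
import ipaddress

# remote_ts values copied from the policy posted in the thread.
POLICY = {"child": {"remote_ts": ["10.0.0.0/8", "172.16.0.0/12",
                                  "192.168.0.0/17", "52.5.76.173/32"]}}

# Subset of the "route print" rows posted in the thread.
ROUTES = """\
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.222 25
10.0.0.0 255.0.0.0 169.254.128.128 10.0.101.200 45
172.16.0.0 255.240.0.0 169.254.128.128 10.0.101.200 45
192.168.0.0 255.255.128.0 169.254.128.128 10.0.101.200 45
192.168.178.0 255.255.255.0 On-link 192.168.178.222 281
"""

def matching_selector(dest, policy):
    """Return the remote_ts entry that contains dest, or None."""
    addr = ipaddress.ip_address(dest)
    for ts in policy["child"]["remote_ts"]:
        if addr in ipaddress.ip_network(ts):
            return ts
    return None

def parse_routes(text):
    """Parse 'destination netmask gateway interface metric' rows."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5:  # skips headers and separator lines
            dest, mask, gateway, iface, metric = parts
            net = ipaddress.ip_network(f"{dest}/{mask}")
            routes.append((net, gateway, iface, int(metric)))
    return routes

def best_route(dest, routes):
    """Longest prefix wins; the lower metric breaks ties."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: (r[0].prefixlen, -r[3]), default=None)

def diagnose(dest):
    """Return (selector, gateway, interface) for one destination."""
    route = best_route(dest, parse_routes(ROUTES))
    gateway, iface = (route[1], route[2]) if route else (None, None)
    return matching_selector(dest, POLICY), gateway, iface

if __name__ == "__main__":
    # Constructed destinations, not taken from the thread.
    for dest in ("10.77.77.10", "192.168.178.50", "192.168.200.1"):
        print(dest, diagnose(dest))
```

A destination in 192.168.128.0/17, such as the client's own 192.168.178.0/24 LAN, matches no selector in this policy and leaves through the physical interface instead of the tunnel.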
