Hi,
I am searching the web now since days and I cannot find a solution for the Sophos XG 210 to provide a user portal and SSL VPN to the internet and also hosting some external service.
The current setup (anonymized):
- WAN IP address range from provider: 1.2.3.0/29
- Default Gateway 1.2.3.1
- Our external IP address is 1.2.3.2 which is setup to be our main address for internet connection, user portal and SSL VPN on port 443
- External IP 1.2.3.2/29 is configured on Port2/WAN in Zone WAN
The challenge:
- Add additional IP address 1.2.3.3/29 to Sophos XG
- Forward port 443 on 1.2.3.3 to an internal server in DMZ for custom web services
- User portal/SSL VPN and the web service need to be on default HTTPS ports to work properly in all situations where strict firewalls are in place which only support HTTP/HTTPS like airports, hotels, customer sites, ...
The main issues are:
- When I add an alias to Port2, the user portal is shown on IP address 1.2.3.3. It completely shadows my additional IP address, as the user portal is listening on the WAN Zone.
- When I user Port1/LAN and set it up with IP address 1.2.3.3 and also put it into a zone different zone WAN2, I still see the user portal.
What do I miss here? It cannot be that difficult, can it?
Regards
Rick
This thread was automatically locked due to age.
Quote