Allowing VPN traffic through Ubuntu firewall to connect on Sophos firewall

I need advice to achieve something and I can't find the answer anywhere.

I'm setting up a network in a test lab. I have an Ubuntu machine that runs SNORT as an IDS and it's the only machine that has an internet connection. This machine is connected to a Sophos machine that is our primary firewall. Behind the Sophos firewall, we have a DMZ network and an internal network with clients and various servers.

I set up an L2TP over IPsec VPN on the Sophos machine and I know that I can connect to it since I have a test machine between SNORT and Sophos and the connection works. My problem is that I can't access my VPN if I try to connect to it with the external IP address of the SNORT machine.

I've been able to NAT internet to the machines that need an internet connection using masquerading and this part works fine. If anyone knows how to allow my VPN to connect through the SNORT machine, it would be a lifesaver right now.

Thanks a lot and any help is much appreciated



  • Albrecht,

    On the Snort box, you should use iptables to create a DNAT to the XG firewall.

    Make sure you redirect UDP ports 500, 1701 and 4500 to the XG WAN interface.

    I would recommend to switch the snort box to XG directly, as XG uses snort.

    Regards
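
The DNAT described in the reply above, as an added example that is not part of the original thread: it prints the iptables commands for review rather than running them. The interface name `eth0` and the address `192.168.10.2` are assumed placeholders for the Snort box's external interface and the XG WAN address.

```shell
#!/bin/sh
# Added example (not from the thread): print iptables rules that DNAT the
# L2TP/IPsec UDP ports from the Snort box to the XG WAN interface.

# Return 0 only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*|*.*.*.*.*) return 1 ;; esac
    case $1 in *.*.*.*) ;; *) return 1 ;; esac
    rest=$1.
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# usage: l2tp_dnat_rules <external-interface> <xg-wan-ip>
# Prints the commands instead of running them, so they can be reviewed first.
l2tp_dnat_rules() {
    ext_if=$1 xg_ip=$2
    # Refuse values that could smuggle shell syntax into the printed commands.
    case $ext_if in ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $ext_if" >&2; return 1 ;; esac
    is_ipv4 "$xg_ip" || { echo "bad IPv4 address: $xg_ip" >&2; return 1; }
    for port in 500 1701 4500; do   # IKE, L2TP, IPsec NAT-T
        # Rewrite the destination of inbound VPN packets to the XG.
        echo "iptables -t nat -A PREROUTING -i $ext_if -p udp --dport $port -j DNAT --to-destination $xg_ip"
        # Allow the rewritten packets through the FORWARD chain.
        echo "iptables -A FORWARD -i $ext_if -d $xg_ip -p udp --dport $port -j ACCEPT"
    done
    # Replies from the XG are matched by connection tracking and un-NATed.
    echo "iptables -A FORWARD -o $ext_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Assumed values: eth0 faces the internet, 192.168.10.2 is the XG WAN address.
l2tp_dnat_rules eth0 192.168.10.2
```

The rules use `-A`, so they are appended: they only take effect if no earlier rule in the FORWARD chain already drops the traffic. Once the output looks right for your addressing, pipe it to `sh` as root.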
