Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Able to connect to SSL VPN Remote but unable to connect to local

Hi,

 

 i need some help in accessing our local resources using the SSL VPN. i have done and implemented various settings from various forums but i still cant get connect to any local devices and servers. See below for the screenshot.

 



This thread was automatically locked due to age.
  • Hi,

    can you ping devices on either side of the bridge from the other side of the bridge?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hi Ian,

    Unable to ping. Currently all of my devices are connected to Port 1. In event i connect other device to port 3 or 4, unable to ping each port

  • Hi  

    Could you please untick "Match know user" and apply tick "Rewrite Source address" and apply MASQ in VPN to LAN firewall rule to test?

    Please also create LAN to VPN firewall rule.

    For configuration verification, please refer to the article - https://community.sophos.com/kb/en-us/122769

    For Packet Capture - https://community.sophos.com/kb/en-us/123189

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • Hi ,

    I follow all of this before. But still the same. I can't access the LAN portion.

    Is the vpn to lan rule already inside the SSL vpn rule?

    Keyur said:
    Hi
     

    Could you please untick "Match know user" and apply tick "Rewrite Source address" and apply MASQ in VPN to LAN firewall rule to test?

    Please also create LAN to VPN firewall rule.

    For configuration verification, please refer to the article - 

    For Packet Capture - 

  • Hi  

    Please use packet capture and share the details that traffic is getting forwarded to the LAN zone or not.

    Please also share a screenshot of Bridge pair configuration

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • Hi,

     

    please see below photos

     

  • Thanks John.

    I had the same issue on an XG installation. SSL VPN ok, connection ok but not access to any local resources, expect made for XG lan interface.

    I fixed the issue by switching the SSL VPN to UDP, downloading the SSL VPN file configuration from user portal and I was able to connect.

    If it does not work, please share a tcpdump "host x.x.x.x" where x.x.x.x is the destination host you are trying to access.

    Thanks