Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Remote Access Issue on Client Side

Hi,

 

Does the SSL VPN remote access client has a way to hide the local IP address and use the VPN IP address as its primary?

We are having an issue with our work from home user which is connected to a Remote Access SSL VPN. 

The issue is when the remote pc has a soft phone application connects to a SIP server , The SIP Server logs only reads the remote pc's local IP address not the VPN IP address. This causes call incoming and outgoing to be blocked.

As for the VPN configuration in the Sophos XG 135. I have already enabled the default gateway. As per Sophos Support chat mentioned to do so.

I do not have any other issues with the VPN since other connections to servers are all working just the Sip Server.

 

Thanks.

Jonas - GV IT



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi Jonas,

    Have you downloaded new configuration after changing the connection profile to use XG as a gateway?

    If yes, please configure VPN to WAN firewall rule and let us know if that resolves your issue. 

    Thanks,

  • Hi H_Patel,

     

    Yes I did, also for more details the Sip server is on a leased line connected to our lan so the setup should be like this

     

    Remote PC -> SSL VPN -> VPN WAN HOST (Sophos XG 135) -> NATed to Sophos XG 135 Local network interface -> static routed to the leased line -> SIP Server

     

    For the Firewall rule I used VPN to LAN since my objective is to route VPN traffic to the leased line connected to our lan network.

    I have no issues connecting the leased line via VPN network. The only problem is when a remote pc using the SSL VPN established a connection to the SIP server, The SIP Server detects the Remote PC's local IP address first rather than its VPN Address.

    We are currently looking at the Remote PC's interface metrics at the moment since the interface for the local ip is set to automatic and the SSL VPN interface is set to 1.

     

    Thanks,

Reply
  • Hi H_Patel,

     

    Yes I did, also for more details the Sip server is on a leased line connected to our lan so the setup should be like this

     

    Remote PC -> SSL VPN -> VPN WAN HOST (Sophos XG 135) -> NATed to Sophos XG 135 Local network interface -> static routed to the leased line -> SIP Server

     

    For the Firewall rule I used VPN to LAN since my objective is to route VPN traffic to the leased line connected to our lan network.

    I have no issues connecting the leased line via VPN network. The only problem is when a remote pc using the SSL VPN established a connection to the SIP server, The SIP Server detects the Remote PC's local IP address first rather than its VPN Address.

    We are currently looking at the Remote PC's interface metrics at the moment since the interface for the local ip is set to automatic and the SSL VPN interface is set to 1.

     

    Thanks,

Children
No Data