Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 1135 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem Sophos-Connect, but SSL-VPN-Client works fine

Admin TSK

Hi there, we have a problem accessing our softphone with the Sophos Connect Client (IPSec). But it works with the Sophos SSL Client!

The Sophos Connect and SSL users are in one subnet (10.168.130.0). The LAN is 192.168.130.0.

Does routing still have to be set?

A ping from the LAN to the SSL VPN client works. No ping to the Sophos Connect client.

I also created a support ticket, but unfortunately I haven't received adequate help here since mid-December.

Does anyone know the problem?

We use SFOS 18.0.4 MR-4

many Greetings

Martin



This thread was automatically locked due to age.
Parents
  • +1

    You should not use the same subnet range for both services. This can result to issues. Please use different subnet ranges. Both services are combined behind VPN zone, so you can use the zone VPN in firewall rules. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Those are two different subnets but I must admit, I first thought the same and could not see the difference.

    Admin TSK said:
    (10.168.130.0). The LAN is 192.168.130.0.

    (10.168.130.0). The LAN is 192.168.130.0.

    Do you see the probably UDP SIP Traffic on Port 5060 in firewall live log? If not, do you see it in GUI Packet capture?

    We've had and I think still have issues where SIP Traffic is invisible in the live log and there were locations where SIP traffic would not pass IPSec tunnels. Currently this is not occouring.

  • 0 in reply to LHerzog

    Thats not the point. He wrote: The Sophos Connect and SSL users are in one subnet (10.168.130.0)

    There is currently no limitation in GUI to have IPsec and SSLVPN in the same subnet. This could eventually lead to issues in the backend, if both uses the same backend. 

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to LHerzog

    Thats not the point. He wrote: The Sophos Connect and SSL users are in one subnet (10.168.130.0)

    There is currently no limitation in GUI to have IPsec and SSLVPN in the same subnet. This could eventually lead to issues in the backend, if both uses the same backend. 

    __________________________________________________________________________________________________________________

Children
Unfiltered HTML