We use TightVNC to remote into some users' machines. It's preconfigured through GPO with certain passwords and only allows access from our internal subnets.
We have started moving users from the SSL VPN to the newer Sophos Connect with an IPSec VPN. We have a firewall rule that allows LAN - Internal Subnets -> VPN - VPN Subnet and another rule that allows VPN - VPN Subnet -> LAN - Internal Subnets with heartbeat. This worked fine with the SSL VPN and we could use TightVNC to connect to the remote users using their VPN IP address. However, with the IPSec VPN we cannot connect to their machines at all.
We have disabled the firewall on the remote machines but that wasn't it (figured it wasn't since it worked before). We have tried the log viewer on the XG but it doesn't show anything allowed or denied from the source or destination IP address. Does the IPSec VPN fall under a different zone or do I need to configure something else? The new IPSec VPN users have no issues accessing network resources and everything else works.