Dear Sir,
1) I have IIS running on a server (Windows Server 2010) with IP 192.168.1.2 (255.255.255.0). To access the intranet website I just need to type the IP address 192.168.1.1 on the 10 systems in the office that are on this subnet.
2) Another IIS is running on a server (Windows 2016) with IP 172.16.x.x (255.255.240.0). To access the intranet website I just need to type the IP address 172.16.1.5 on the 120 systems that are on this subnet.
Both subnets come to a common switch, to which the firewall is also connected.
The firewall, XG 310 ver 17.5, has IP 172.16.1.1 (255.255.240.0).
I managed to connect to the firewall with the SSL VPN client from home, using the WAN IP.
When I type 172.16.1.5 in the browser on my home system, the intranet website located on server 2) works fine.
When I type 192.168.1.2, it says the site cannot be reached; that one comes from server 1).
Can you kindly suggest some options? I just need to access both servers from home.
I would suggest checking what "Permitted network resources" you have under Configure > VPN > SSL VPN (remote access). Make sure both subnets/networks are there in the tunnel access section. Also, you may need firewall rules allowing the traffic from the VPN zone to the LAN zone. If you can access the firewall webadmin while connected, check the log viewer and look for firewall events (the rule would need to have logging turned on). You can also use the packet capture under Diagnostics to capture your traffic and analyze what's happening. Just filter it down using the Configure button and entering something like "host 10.81.55.5 and port 443" (replace with your SSL VPN IP address) in the BPF string field, and then start the capture and try to access IIS.
Hello,
I am working on the solution you gave to my problem.
I am able to solve it to some extent. I also upgraded the firmware to ver 18.0 from 17.5.
I will fix the problem as guided by you.
Thanks
Hello there,
Adding to what Nate has mentioned, it might be that the 192.168.1.0/24 is overlapping with the home users' networks, which will cause the traffic not to go through the tunnel.
Regards,
Hello,
My home network, as you said, has the same network IP leased by the Sophos FW.
I am rectifying it. Thanks.
Hi there,
As confirmed, if there's an overlap in your home network and organization network, emmosophos has posted a really good workaround on getting overlapping networks to work over SSL VPN.
community.sophos.com/.../ssl-vpn-access-for-overlapping-home-networks
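The overlap diagnosed in this thread, as an added example that is not part of any poster's reply: a short Python check that derives the office networks from the addresses and masks quoted above and shows which path a home PC picks for each server. The home PC addresses are constructed, and the rule that a directly connected network wins a tie against a VPN route of the same prefix length is an assumption about typical client behaviour.

```python
import ipaddress

def net(addr, mask):
    """Network that a host address / netmask pair belongs to."""
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def find_overlaps(local_nets, vpn_nets):
    """Pairs (local, vpn) whose address ranges intersect."""
    return [(l, v) for l in local_nets for v in vpn_nets if l.overlaps(v)]

def egress_for(dest, local_nets, vpn_nets):
    """Pick the path for dest by longest-prefix match.

    Assumption: on an equal prefix length the directly connected
    home network wins over the route added by the VPN client.
    """
    ip = ipaddress.ip_address(dest)
    candidates = [(n.prefixlen, 1, "local") for n in local_nets if ip in n]
    candidates += [(n.prefixlen, 0, "vpn") for n in vpn_nets if ip in n]
    return max(candidates)[2] if candidates else "default"

# Office networks, from the addresses and masks given in the thread.
OFFICE = [net("172.16.1.1", "255.255.240.0"),
          net("192.168.1.2", "255.255.255.0")]
# Constructed: a home PC on a typical consumer-router subnet.
HOME = [net("192.168.1.10", "255.255.255.0")]
# Constructed: the same PC after the home LAN is renumbered.
HOME_RENUMBERED = [net("192.168.50.10", "255.255.255.0")]

if __name__ == "__main__":
    for label, home in (("before", HOME), ("after", HOME_RENUMBERED)):
        print(label, "overlaps:", find_overlaps(home, OFFICE))
        for server in ("172.16.1.5", "192.168.1.2"):
            print("  ", server, "->", egress_for(server, home, OFFICE))
```

With the overlapping home subnet, 172.16.1.5 resolves to the tunnel while 192.168.1.2 stays on the home LAN, which matches the symptom in the first post.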