Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 37 subscribers
  • Views 2309 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN SSL Split Tunneling

Pascal Dittmer

Hello there,

I have a VPN SSL running on a XG125 with Firmware SFOS 18.0.5 MR-5-Build586. If Default Gateway is turned off, I cannot access the internet on my machine, no ping, no DNS resolving. I can access the network on the other end.

VPN Policy:

Internal: 172.16.0.0/16

VPN Settings:

Groups/User:

/log/sslvpn.log

Connection log:

client config:

Why is the Sophos still giving me the redirect-gateway def1? What do I have to do to get this running?

Thank you in advance, sorry for alle the images.

Pascal



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    Are you using SSL Remote VPN with Connect Client and provisioning file? 

    Have you tried to connect with the new configuration? 

    Thanks,

  • 0 in reply to FormerMember

    Hi,

    thank you for your answer. I am not using the client. I am on an Arch Linux and run sudo openvpn --config testuser.ovpn
    I also tried it on a Windows machine with the client, no change. I downloaded the configuration after I disabled the option Default Gateway, if it's that what you meant with new configuration.

    Thank you

  • FormerMember
    0 FormerMember in reply to Pascal Dittmer

    Hi ,

    Thank you for the update. 

    Yes, I meant to say exactly what you mentioned. 

    Let me know if restarting the SSL VPN service with the following command helps resolves this issue: 

    Connecting to the Advanced Shell

    1. To connect using SSH, you may use any SSH client to connect to port 22 of the SFOS device.
    2. Select option 5 Device Management.
    3. Select option 3 Advanced Shell.

    service sslvpn:restart -ds nosync

    Thanks,

Reply
  • FormerMember
    0 FormerMember in reply to Pascal Dittmer

    Hi ,

    Thank you for the update. 

    Yes, I meant to say exactly what you mentioned. 

    Let me know if restarting the SSL VPN service with the following command helps resolves this issue: 

    Connecting to the Advanced Shell

    1. To connect using SSH, you may use any SSH client to connect to port 22 of the SFOS device.
    2. Select option 5 Device Management.
    3. Select option 3 Advanced Shell.

    service sslvpn:restart -ds nosync

    Thanks,

Children
Unfiltered HTML