Hello Community,
We have a very strange issue with one user on an XGS2100 using L2TP VPN. The user connects to the VPN without any problems and is authenticated by Active Directory. The Windows client receives an IP address from the firewall's VPN pool.
On the firewall, all rules are built up from network objects. One rule allows the VPN pool to access a web server. This rule works for all users except one. This user is not able to connect to the web server, while all other users can. I created many test users, and all of them are able to connect.
Does anybody have an idea what's going wrong here? The firewall is running SFOS 18.5.0 GA-Build289. I don't know if it is a good idea to upgrade to 18.5.1 MR1 EAP on a production firewall.
A support case is not opened at the moment.
Thanks,
Ben
It was an MTU issue on the client side. I changed the MTU on the L2TP interface to a smaller value (1300).
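As an added illustration (not Ben's script and not a Sophos tool), this PowerShell snippet shows how a Windows L2TP client can confirm an MTU black hole the way this thread resolves it: it probes the largest ICMP payload that still passes with the Don't-Fragment bit set, then applies an MTU just below that to the VPN adapter. The interface alias `L2TP-VPN` and the target `10.0.0.10` are placeholder assumptions; substitute the real adapter name and web server address.

```powershell
# Added example, not from the thread. Assumed placeholders: interface alias
# 'L2TP-VPN' and web server 10.0.0.10. Run in an elevated PowerShell session
# while the L2TP tunnel is up.
param(
    [string]$Target = '10.0.0.10',
    [string]$InterfaceAlias = 'L2TP-VPN'
)

function Test-DfPing {
    param([int]$Payload)
    # -f sets the DF bit, -l sets the ICMP payload size, -n 1 sends one probe.
    $out = (ping.exe -f -l $Payload -n 1 -w 1000 $Target) -join "`n"
    # A reply line contains 'TTL='; Windows reports 'needs to be fragmented'
    # when a hop along the tunnel cannot carry the probe without fragmenting it.
    return ($out -match 'TTL=') -and -not ($out -match 'fragmented')
}

# Binary search the payload between 500 and 1472 bytes
# (1472 = 1500 Ethernet MTU minus 20 bytes IP header minus 8 bytes ICMP header).
$low = 500; $high = 1472
while ($low -lt $high) {
    $mid = [int](($low + $high + 1) / 2)
    if (Test-DfPing -Payload $mid) { $low = $mid } else { $high = $mid - 1 }
}
$pathMtu = $low + 28
Write-Host "Largest unfragmented ICMP payload: $low bytes -> path MTU $pathMtu"

# Persist the discovered MTU on the VPN adapter so large TCP segments
# (e.g. HTTP responses from the web server) are no longer silently dropped.
Set-NetIPInterface -InterfaceAlias $InterfaceAlias -AddressFamily IPv4 -NlMtuBytes $pathMtu
Get-NetIPInterface -InterfaceAlias $InterfaceAlias -AddressFamily IPv4 |
    Select-Object InterfaceAlias, NlMtu
```

If the probe already fails at 500 bytes the search bottoms out there, which indicates ICMP is being filtered rather than an MTU problem; check the firewall's packet capture (as suggested below in the thread) before changing the adapter.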
Hi Ben@Network,
Thank you for reaching out to Sophos Community.
Please check the packet flow when the user makes a request to WebServer after connecting to L2TP.
Also, confirm that the traffic for this user is being forwarded from the correct firewall rule or not.
Monitor traffic using Packet Capture Utility
How to monitor packet flow using CLI
Thank you for taking the time to update this thread with a resolution. Appreciated!!