VPN SSL remote access, our employees cant access or connect to VPN outside the country, but inside the country can connect & access the same SSL VPN remote access.
Please check this troubleshoot SSL VPN remote access connectivity as asked follows:
Here, we need to identified that whether firewall is receiving traffic on SSL VPN Port from the Client Public IP or not?
Verify the SSL VPN traffic flow from the console
Log in to the command-line interface (CLI) and select 4: Device Console. Run the following command, which uses the default SSL VPN port 8443, to analyze the output.
tcpdump "port 8443"
Verify the drop packet capture for SSL VPN
Log in to the command-line interface (CLI) and select 4. Device Console to run the following command, which uses the default SSL VPN port 8443.
drop-packet-capture “port 8443”
Verify the logs from the advance shell
Log in to the command-line interface (CLI) and select 5: Device Management then 3: Advanced Shell and type the following command:
tail -f /log/sslvpn.log
Same SSL VPN Client logs required from End client machine also.
Also, please verify the firewall rule which is processing the traffic.
In the event that the SSL VPN connects successfully but users are not able to connect to the allowed resources behind the Sophos XG Firewall, verify if a firewall rule is created and configured. If any specific service is selected in this rule, try allowing any service and check the connectivity.
-----------------------
Thank & Regards,
Nilesh Mojidra
If a post solves your question, use the 'Verify Answer' link.
