This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN ne fonctionne plus en V19

Bonjour 

Sur un XG230, la mise à jour 18.5MR3 vers 19.0GA a été proposée dans la mise à jour de firmware.

J'utilise plus de 50 clients en connexion VPN SSL

Aucun soucis en version 18.5 MR3. Je ping bien IP serveur de destination, aussi bien par ping sur nom que ping sur IP

En version 19.0 GA, le ping ne passe plus ni sur le nom ni sur l IP.

Le client VPN se connecte bien (feu passe bien au vert), mais les connexions des clients en RDP ne fonctionnent plus.

Je ne vois pas de trace précise dans la visionneuse 

Avez vous des pistes?

Cordialement.



This thread was automatically locked due to age.
Parents
  • Hello there,

    Thank you for contacting the Sophos Community

    The SSL VPN Client isn’t longer supported, and it’s already EoL. 

    I would suggest you use the Sophos Connect Client, in case you need to open a case.

    Other than that, try doing a TCPdump on the advanced shell of the XG to confirm the packets are arriving to the XG

    # tcpdump -eni ipsec0 host 172.16.30.10 (change the Ip to one being used for the client)

    If you see packets arriving to the XG via the ipsec0 then do a GUI Packet Capture to confirm the correct firewall is being hit and any NAT rule you might have configured for this traffic.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Reply
  • Hello there,

    Thank you for contacting the Sophos Community

    The SSL VPN Client isn’t longer supported, and it’s already EoL. 

    I would suggest you use the Sophos Connect Client, in case you need to open a case.

    Other than that, try doing a TCPdump on the advanced shell of the XG to confirm the packets are arriving to the XG

    # tcpdump -eni ipsec0 host 172.16.30.10 (change the Ip to one being used for the client)

    If you see packets arriving to the XG via the ipsec0 then do a GUI Packet Capture to confirm the correct firewall is being hit and any NAT rule you might have configured for this traffic.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Children