My SSL VPN Tunnel is connected and allowing traffic, I can connect to resources on the internal network via the tunnel, however I am having no success connecting to RDP via Clientless Bookmark method or Microsoft's RD Client app. Do i need to create a NAT rule for RDP traffic?
Hi yardiman Please check below KBA if the error which is appearing is related to "Protocol Security Negotiation Failure" and in that case required action has already been suggested to fix the error over…
Hi yardiman, do you have RDP service specified in your VPN > LAN firewall rule?
Traffic to and from the tunnel is set to "Any"
This fw rule doesn't seem to have any hits, your successful VPN connection to internal resources should at least go through this rule. When you do a packet capture, what do you see? Is it using this firewall rule?
There is nothing connected to the Tunnel at the time i took the screen shot but it works see updated screen shot. The Clientless ssl Book Mark seems to work is I do the following:
a. if I disable NLA on the desktop that I'm trying to connect to
b. Change Protocol security to TLS
which i gather is not best Practice.
What security protocol was selected prior that wasn't working?
Hi yardiman Please check below KBA if the error which is appearing is related to "Protocol Security Negotiation Failure" and in that case required action has already been suggested to fix the error over there in the same KBA.How NLA authentication affects Clientless VPN (RDP Bookmark):https://support.sophos.com/support/s/article/KB-000038644?language=en_USSophos Firewall: HTTP/S bookmarks feature retirement
Regards,Vishal RanpariyaTechnical Account Manager | Sophos Technical SupportSophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link.
Thanks for the info, do you have any Ideas on how to get RDP working inside the vpn conncection? I've tried using the server access assistant with no success.
The solution for this is marked as Verified in the following post:https://community.sophos.com/sophos-xg-firewall/f/discussions/134662/rdp-not-working-over-ssl-vpnRegards,