Hi out there,
I am stuck with a small problem, maybe someone has an idea for me. I would really appreciate that :-)

The following scenario: We recently exchanged a Sophos UTM for an XG Firewall. Our customer has a second gateway in his local network [192.168.178.8] through which he has to reach a specific web service. So far so good. With the UTM it also worked without any problems, with the XG not. I know, with the second gateway in my local network I get an asymmetric routing condition. For my internal network I was able to fix this with a bypass-stateful-firewall command, which works, so internal is not the problem.

The real problem is that the customer has to reach that web service, which has to go over the second gateway, via VPN as well. We are using a Sophos Connect IPsec connection (before, the customer had the normal SSL VPN client connection). I am able to reach the local network without problems, also the second gateway. For my considerations, it would have to be an asymmetrical route here as well. I tried to get it to work with the bypass stateful firewall command (just with the VPN subnet) but I can't get it to work over VPN.

So if anyone has an idea on that, help would be very welcome. Thanks ahead :)
Hi Joshua Antl
Please refer to the link below to connect to the network connected with Sophos XG over SSL VPN:
https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp…
Hi,
Have you inserted the second VPN subnet behind 192.168.178.8 into the allowed networks in the IPsec client VPN connection? Also keep in mind the back route from 192.168.178.8 to the IPsec VPN network on the XG.
Regards
fusi