This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN with ANY Ressource permitted

Hi

We have set up an SSL VPN on our XGS Firewall.
We want to route all the traffic trough the tunnel and make any network available in the tunnel (we have specific firewall rules set up to handle wo should access what).

The Problem we have now, is that when we set the SSL VPN with "Use as default gateway", it does not work if we do not set an permitted ressource as well. 
Not work = Can not connect to any ressource except the internet, even tho whe have all the required firewall rules set up

This would require us to list any network ressources we have there, which will change regulary and is quite a long list.


Is there a way, where can allow "any" as a permitted ressource?
Sophos XGS does not allow me to create a 0.0.0.0/0.0.0.0 network object.

Thanks
Mario



This thread was automatically locked due to age.
Parents
  • Hello ,

    Thank you for reaching out to the community, with the use of "Use as default gateway." - All the WAN Traffic for the SSL VPN users will be routed via Sophos FW and hence you'll require a rule VPN to WAN. And for the "Permitted network resources."  - All the local resources of the Sophos FW for which you'll need a rule VPN to LAN traffic.  
    So you can leave the section empty - that way it will have a higher priority: 
    But in order to access the local resources - You'll have to mention the complete network if you want everything on that network to be accessible.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Reply
  • Hello ,

    Thank you for reaching out to the community, with the use of "Use as default gateway." - All the WAN Traffic for the SSL VPN users will be routed via Sophos FW and hence you'll require a rule VPN to WAN. And for the "Permitted network resources."  - All the local resources of the Sophos FW for which you'll need a rule VPN to LAN traffic.  
    So you can leave the section empty - that way it will have a higher priority: 
    But in order to access the local resources - You'll have to mention the complete network if you want everything on that network to be accessible.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Children