This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What is wrong with my remote-access SSL VPN settings !?

Hello everyone,

I am using Sophos XG v18.5 MR 4. This is my ACL matrix:

I have been following either one of these instructions to create a working remote-access SSL VPN:

_ Configure remote access SSL VPN with Sophos Connect client: https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/VPN/RemoteAccessVPN/VPNRemoteAccessSSLVPNSophosConnectClient/index.html

_ Sophos Firewall: Configure IPsec and SSL VPN Remote Access: https://www.youtube.com/watch?v=wXUmWX1kDx4 

_ Sophos XG Firewall (v18): How to configure SSL VPN remote access: https://www.youtube.com/watch?v=rFMD2Kb7dWA

I use OpenVPN Community Edition v2.4.12 to import and activate the .ovpn profile ( https://openvpn.net/community-downloads/ ). The remote connection has been established successfully, however I can not connect to any of the LAN resources as well as the firewall's admin page itself.

What is wrong with my settings, and (or) VPN client ? Do I have to use the Sophos client instead of OpenVPN client in order to connect ?

Thank you very much in advance.



This thread was automatically locked due to age.
Parents Reply Children
  • Thank you so much again buddy. I have followed your & instructions and it finally works.

    It works too well that now regardless whether I am in local or foreign networks, the VPN will work anyway. In case of me wanting the VPN to only work when I am on foreign networks, which should I do ?

    Thank you buddies. You guys have made my day.

  • Hi J Thai,

    For allowing only foreign networks, you need to edit your Permitted network resources and filter them on VPN>SSL VPN.

    So that only listed will be allowed to connect on the VPN. In your case, you can edit the SSL_VPN_Remote_Access_Local or just create a new network and add it to your FW Rule and Permitted network resources(IPv4).

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.