
Sophos Home Firewall - Work VPN connects, applications don't work

Hi, 

I'm currently running Sophos Home Firewall on my home network (192.168.X.X) and having trouble working from home using the VPN provided by my workplace (Cisco Duo). I can connect to the VPN OK; I receive the local IP address (10.x.x.x), and any locally installed applications and network drives are working. There are some applications that are accessed through Citrix, and these are not working when connected through the Sophos firewall. If I connect the same PC to a mobile Wi-Fi hotspot, the applications work perfectly; however, as soon as I route through Sophos, I can't access the remote applications even though the VPN is connected.

I created a firewall rule to let anything out from that MAC address, but something is still being blocked.

Any ideas where else I need to look, please? I have checked the logs and can't see any traffic being dropped using the local IP address as source or destination IP.

Thanks

  • Hi Chris,

    Thank you for reaching out to Sophos Community.

    Have you tried any of the how-to videos, documentation, Sophos Assistant, or KBAs to check the issue?

    • To verify, what kind of remote VPN are you using, and what firmware version are you running?
    • Are the firewall rules at the very top?
    • I would recommend doing a packet capture to check.
    • From the logs, is there traffic coming from the respective IP?

    For more reference, kindly check the KB, which might assist you:

    Sophos Firewall: Troubleshoot SSL VPN remote access connectivity and data transfer issues

    Erick Jan
    Community Support Engineer | Sophos Technical Support
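A small log filter for the two log-related questions above (is there traffic from the host, and is any of it denied), as an added example that is not part of the original thread and not a Sophos tool. It assumes the SFOS syslog key=value format (`log_subtype`, `status`, `fw_rule_id`, `src_ip`, `dst_ip`, `dst_port`, and so on) and runs over four constructed lines for a LAN host 192.168.1.50; the host address, ports and rule IDs are made up for the example. It also shows why a filter on the VPN-assigned 10.x address alone can come back empty: the firewall logs the flows it actually forwards, and for a client VPN that is the outer flow to the VPN gateway, not the addresses inside the tunnel.

```python
import re
from collections import Counter

# Constructed Sophos-style (SFOS syslog, key=value) firewall log lines.
# Not taken from the thread; addresses, ports and rule IDs are invented.
SAMPLE_LOG = """\
device="SFW" date=2024-03-04 time=09:12:01 log_type="Firewall" log_component="Firewall Rule" log_subtype="Allowed" status="Allow" fw_rule_id=5 in_interface="Port2" out_interface="Port1" src_ip=192.168.1.50 dst_ip=203.0.113.10 protocol="UDP" src_port=51000 dst_port=443
device="SFW" date=2024-03-04 time=09:12:02 log_type="Firewall" log_component="Firewall Rule" log_subtype="Allowed" status="Allow" fw_rule_id=5 in_interface="Port2" out_interface="Port1" src_ip=192.168.1.50 dst_ip=203.0.113.10 protocol="TCP" src_port=51001 dst_port=443
device="SFW" date=2024-03-04 time=09:12:03 log_type="Firewall" log_component="Firewall Rule" log_subtype="Denied" status="Deny" fw_rule_id=0 in_interface="Port2" out_interface="" src_ip=192.168.1.50 dst_ip=198.51.100.7 protocol="TCP" src_port=51002 dst_port=1494
device="SFW" date=2024-03-04 time=09:12:04 log_type="Firewall" log_component="Invalid Traffic" log_subtype="Denied" status="Deny" fw_rule_id=0 in_interface="Port2" out_interface="" src_ip=192.168.1.50 dst_ip=198.51.100.7 protocol="TCP" src_port=51002 dst_port=2598
"""

# key=value pairs; values are either "quoted, may contain spaces" or bare tokens
KV_RE = re.compile(r'(\w+)=("([^"]*)"|(\S+))')


def parse_line(line):
    """Parse one key=value log line into a dict (quoted and bare values both handled)."""
    return {
        m.group(1): (m.group(3) if m.group(3) is not None else m.group(4))
        for m in KV_RE.finditer(line)
    }


def flows_for_host(log_text, host):
    """Return the parsed records in which host appears as src_ip or dst_ip."""
    records = (parse_line(l) for l in log_text.splitlines() if l.strip())
    return [r for r in records if host in (r.get("src_ip"), r.get("dst_ip"))]


def denied(records):
    """Only the records the firewall dropped."""
    return [r for r in records if r.get("log_subtype") == "Denied"]


def summarize(records):
    """Count flows by (verdict, rule id, component, protocol, destination port)."""
    return Counter(
        (r.get("log_subtype"), r.get("fw_rule_id"), r.get("log_component"),
         r.get("protocol"), r.get("dst_port"))
        for r in records
    )


if __name__ == "__main__":
    lan_host = "192.168.1.50"      # the PC on the home LAN (constructed)
    vpn_host = "10.1.2.3"          # the address the VPN client receives (constructed)
    lan_flows = flows_for_host(SAMPLE_LOG, lan_host)
    print(f"{lan_host}: {len(lan_flows)} flows, {len(denied(lan_flows))} denied")
    for key, n in sorted(summarize(lan_flows).items()):
        print("  ", key, n)
    # The tunnel-inner address never appears in the firewall log at all.
    print(f"{vpn_host}: {len(flows_for_host(SAMPLE_LOG, vpn_host))} flows")
```

Run it against an exported log (`Log Viewer` export or syslog feed) by replacing `SAMPLE_LOG` with the file contents; filter on the LAN address of the PC first, and only then on the 10.x address, since the latter will usually show nothing for a client VPN.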

  • I have been through the documentation, and it looks to be for a VPN provided by the Sophos, rather than an external VPN that is traversing through the Sophos.

    Is there a way I can add the MAC address or IP to the rules engine so it will completely bypass the firewall? Any inbound or outbound traffic will be let through?

  • Hello, 

    Can you share a screenshot of the VPN client you are using?

    You can add the following exception to the firewall rule that controls the traffic going out when the VPN is connected:

    Sign in to the CLI using Telnet or SSH. The CLI can also be accessed in the WebAdmin by going to Admin > Console located in the upper right corner.

    Choose option 4. Device Console.

    Execute the following command:

    console> set ips ac_atp exception fwrules 1,2

    Where 1,2 are the IDs of the firewall rules you want to bypass.

    However, before doing this, I would recommend you confirm which VPN you are using, as this sounds more like a missing route in the configuration file of the VPN to reach the devices. ^EO

    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
  • Thanks Emmanuel, I tried that, but unfortunately it still didn't work.

    It looks like the Citrix Receiver is not able to see the remote server; something in the Sophos firewall is blocking it. However, I don't get any denied traffic in the logs for that IP address.

    I don't have web filtering on, and I will turn off IPS and test again to see if that has an impact. Could it be something to do with DNS? All other traffic and applications are fine, just anything that uses the Citrix Receiver.

    Thanks 
