Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Client can connect but no traffic is generated to VPN zone

Angelone

Hi all,

I was able to use SSL VPN properly with Sophos XG v19. Now I've upgraded to v20 and I'm experiencing issue with SSL VPN.

To setup the SSL VPN I followed this guide: https://techvids.sophos.com/watch/wtqMJE1La6TkFjAiaT2d3H

I draw a network scheme to better explain how the network is configured:

I'm using an iPhone with OpenVPN installed as a client. It can connect and authenticate properly, the OpenVPN iPhone app shows that XG assigned the IP 10.10.70.1

I've a firewall rule that allow traffic from VPN to DMZ,WAN and LAN:

In the firewall log I can't see any traffic generated through the VPN, traffic flows regularly into the XG on port 8443 (I've check with tcpdump ssh-ing into XG firewall).

I've also tried to attach a Linked NAT rule to Masquerade (MASQ) all traffic that comes from VPN zone. The client can't reach any DMZ hosts neither any internet host (I would like to use the VPN as the default gateway).

Can anyone help me to solve this issue?

Thanks in advance



This thread was automatically locked due to age.
  • 0

    Hi Angelone,

    Thank you for reaching out to Sophos Community.

    We regret to hear about your experience. Let me ensure I understand you correctly.

    Your SSL VPN was working properly before the upgrade to version 20. 

    How about packet capture? Any traffic generated?

    I recommend contacting Sophos Support to check this issue further, and kindly share the case ID here. 

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0

    Hello community,

    I'm facing the same issue as . After upgrading my Sophos XG Firewall to v20, my VPN SSL clients using the OpenVPN app on Android devicescan no longer communicate with the network.

    The VPN clients successfully authenticate and receive an IP address but cannot access network resources. No configuration changes were made on the clients or firewall after the upgrade.

    I've tried restarting the VPN service and OpenVPN app on the devices, but the issue persists.

    Could you please advise if there's a known configuration adjustment required for OpenVPN clients or the Sophos firewall after upgrading to v20?

    Any help would be greatly appreciated.

    Thanks in advance!

Unfiltered HTML