Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 918 views
  • Users 0 members are here
Options
Suggested

Sophos XGS site-to-site SSL VPN static IP address for client

VGDtech

Hello,

I have Sophos XG 2300 with firmware 19.5.3 MR-3.

I'm trying to set a static IP address for a site-to-site SSL VPN client. Is there any way to achieve this?

Whatever I do it keeps getting leased IP address from Global DHCP pool or the VPN connection does not work.

I would like to set a firewall rule only for this VPN connection but I am unable to do so since no user or group can be used.



Edited TAGs
[edited by: emmosophos at 7:58 PM (GMT -7) on 5 Jun 2024]
Parents
  • 0
    VGDtech said:
    Whatever I do it keeps getting leased IP address from Global DHCP pool or the VPN connection does not work.

    You mean to say you are not able to reach subnet over site to site ssl vpn connection ?

    Regards

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    Hello,

    it seems the issue is with OpenVPN community version. When I check "Use static virtual IP address" and fill in the address which I would like it fails to connect with a message: ERROR: There is a clash between the --ifconfig local address and the internal DHCP server address -- both are set to XXX.XXX.XXX.XXX -- please use the --ip-win32 dynamic option to choose a different free address from the --ifconfig subnet for the internal DHCP server.

    When I use OpenVPN connect I am able to connect to the VPN and I have the address which has been set. I have tried several different IPs, OpenVPN 2.6.10 or 2.6.9 fails to connect, OpenVPN connect connects with ease.

Reply
  • 0 in reply to Bharat J

    Hello,

    it seems the issue is with OpenVPN community version. When I check "Use static virtual IP address" and fill in the address which I would like it fails to connect with a message: ERROR: There is a clash between the --ifconfig local address and the internal DHCP server address -- both are set to XXX.XXX.XXX.XXX -- please use the --ip-win32 dynamic option to choose a different free address from the --ifconfig subnet for the internal DHCP server.

    When I use OpenVPN connect I am able to connect to the VPN and I have the address which has been set. I have tried several different IPs, OpenVPN 2.6.10 or 2.6.9 fails to connect, OpenVPN connect connects with ease.

Children
Unfiltered HTML