
Can't contact local DNS from SSL VPN (with 2 WAN)

Hello,

I'm not an expert (for the moment) on Sophos.

For a customer that has an XG Firewall, he asked me to configure an SSL VPN connection.
As I had already done this some years ago on a previous Sophos router, it should be possible ;-)

But the LAN/WAN was not the same.

Here, I have 1 LAN port and a VLAN interface (for guest WIFI) on Port1.

And 2 WAN connections on Port3 (4G mobile router) and Port4 (a very old and slow ADSL router).

What we have working:
- Guest WIFI is routed to the internet through the slow ADSL
- LAN is routed to the internet through the 4G mobile link
It's done by an SD-WAN profile with the 2 WAN interfaces selected (and standard SLA for best ping response time).
But there are also 2 SD-WAN routes:
- 1 from LAN to WAN with 4G as primary gateway and ADSL as secondary gateway
- 1 from WIFI to WAN with only ADSL as primary gateway

When connected to a LAN server, we have checked and it's the 4G mobile link that is used.

Also working is the newly created SSL VPN connection. For remote access, we connect only through the 4G mobile link (25-30 Mbps).
We have access to the LAN and also to the internet (it's not a split tunnel).

But when, during an SSL VPN session, we tried to access the internet, we have seen that it's not the 4G link that's used, but the very slow (less than 1 Mbps) ADSL link.

I suppose it's because the SD-WAN profile selected the ADSL as the "best" connection.

So we have added a new SD-WAN route (from VPN to WAN) to specify the 4G modem as primary gateway and ADSL as secondary gateway.

But now, from an SSL VPN session, we don't have access anymore to the local DNS server hosted on a Windows server.
Neither ping nor nslookup is working.

Does anyone have an idea?

Added tags
[edited by: Erick Jan at 8:56 AM (GMT -7) on 30 Jul 2024]