

Can't reach UTM through VPN L2L

Hi,

I've just set up VPN Lan2Lan on our Sophos XG, allowing any traffic/service in the tunnel.

Everything's working fine except that I can't reach the UTM (internal IP) from the remote LAN. Also, I can't reach (ICMP, for example) any remote host from the UTM.

Thanks in advance for your help



This thread was automatically locked due to age.
  • Hi Luk,

    Many thanks for your help, but it's not so clear to me and I wouldn't like to make a mistake. Maybe you can help?

    UTM XG                                     Cisco ASA
    LAN IP : 10.64.12.1         VPN L2L
    Peer Address : 8.8.8.8 ==================> Peer Address : 8.8.4.4
    LAN : 10.64.12.0/24                        LAN : 10.0.0.0/16
                                                     10.0.0.0/16
                                                     10.255.0.0/16
                                                     10.3.0.0/16
                                                     10.10.0.0/16
                                                     10.7.0.0/16
                                                     10.229.0.0/16
                                                     172.28.0.0/16

    How can I make the UTM XG reach the remote networks and be reachable from them?

    Thanks in advance
  • Solved thanks to lferrara, our Sophos Jedi Master!!

    Command lines for a specific IP:

    set advanced-firewall sys-traffic-nat add destination <ip address> snatip <XG NATed IP>

    system ipsec_route add host <ip address> tunnelname <tunnel name>

    For a network (e.g. 10.0.0.0/8):

    set advanced-firewall sys-traffic-nat add destination 10.0.0.0 netmask 255.0.0.0 snatip <XG NATed IP>

    system ipsec_route add net 10.0.0.0/255.0.0.0 tunnelname <tunnel name>
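The two console commands above, expanded for every remote network listed earlier in the thread. This is an added example, not part of the original posts or Sophos code; the tunnel name `ASA_L2L`, the use of the XG LAN IP 10.64.12.1 as the SNAT address, and the check that it lies inside the local LAN are assumptions.

```python
import ipaddress

# Remote networks as listed in the thread (the duplicate entry is kept on purpose).
REMOTE_NETWORKS = [
    "10.0.0.0/16", "10.0.0.0/16", "10.255.0.0/16", "10.3.0.0/16",
    "10.10.0.0/16", "10.7.0.0/16", "10.229.0.0/16", "172.28.0.0/16",
]

def xg_console_commands(remote_cidrs, snat_ip, local_lan, tunnel_name):
    """Build the sys-traffic-nat / ipsec_route command pair for each remote network."""
    snat = ipaddress.ip_address(snat_ip)
    lan = ipaddress.ip_network(local_lan, strict=True)
    # Assumption: the SNAT address has to be inside the local network of the
    # tunnel, otherwise the translated traffic would not match the IPsec policy.
    if snat not in lan:
        raise ValueError(f"SNAT IP {snat} is not inside local LAN {lan}")

    commands, seen = [], set()
    for cidr in remote_cidrs:
        # strict=True rejects entries with host bits set, e.g. 10.0.0.1/16
        net = ipaddress.ip_network(cidr, strict=True)
        if net in seen:          # skip duplicates so no rule is added twice
            continue
        seen.add(net)
        if net.prefixlen == net.max_prefixlen:
            # Single host: the "specific IP" form from the post
            commands.append(
                f"set advanced-firewall sys-traffic-nat add destination "
                f"{net.network_address} snatip {snat}")
            commands.append(
                f"system ipsec_route add host {net.network_address} "
                f"tunnelname {tunnel_name}")
        else:
            # Network: dotted netmask form, as in the 10.0.0.0/8 example
            commands.append(
                f"set advanced-firewall sys-traffic-nat add destination "
                f"{net.network_address} netmask {net.netmask} snatip {snat}")
            commands.append(
                f"system ipsec_route add net {net.with_netmask} "
                f"tunnelname {tunnel_name}")
    return commands

if __name__ == "__main__":
    # "ASA_L2L" is a hypothetical tunnel name; use the name of your IPsec connection.
    for line in xg_console_commands(REMOTE_NETWORKS, "10.64.12.1",
                                    "10.64.12.0/24", "ASA_L2L"):
        print(line)
```

Review the printed lines before pasting them into the XG console one at a time.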