This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Restricting SSL VPN

Hello Sophos-Community,

 

my problem is the following:

I am trying to set the following permissions for our ssl vpn:

access to 192.168.13.0

access to 192.168.13.11, but just a specific port.

It shouldnt be a firewall deny or discard rule because the other traffic should be handled over the clients external internet and not over the vpn.

It has to be handled with our Firewall and not via clientside routing.

 

To explain: we've got an exchange server and published autodiscover recently, now I want my vpn users to still connect their mail-postboxes via their internet and not over vpn, they should only use vpn for network data exchanging. Our Exchange is used as Mail Server but is also used for data our workers need to work with.

 

I hope someone can help me.

Thanks in advance.

 

Greetings

Marcel



This thread was automatically locked due to age.
Parents
  • Hi Marcel,

     

    you need to create Firewall rules for the VPN Users as Source.

    Since the Firwall rules are processed from top to bottom you have to start with the

    specific port rule.

     

    Rule1. access to 192.168.13.11 + Port

    Rule2  access to 192.168.13.0

     

    Regards

    Jason

    Regards

    Jason

    Sophos Certified Architect - UTM

Reply
  • Hi Marcel,

     

    you need to create Firewall rules for the VPN Users as Source.

    Since the Firwall rules are processed from top to bottom you have to start with the

    specific port rule.

     

    Rule1. access to 192.168.13.11 + Port

    Rule2  access to 192.168.13.0

     

    Regards

    Jason

    Regards

    Jason

    Sophos Certified Architect - UTM

Children