This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Restricting SSL VPN

Hello Sophos-Community,

 

my problem is the following:

I am trying to set the following permissions for our ssl vpn:

access to 192.168.13.0

access to 192.168.13.11, but just a specific port.

It shouldnt be a firewall deny or discard rule because the other traffic should be handled over the clients external internet and not over the vpn.

It has to be handled with our Firewall and not via clientside routing.

 

To explain: we've got an exchange server and published autodiscover recently, now I want my vpn users to still connect their mail-postboxes via their internet and not over vpn, they should only use vpn for network data exchanging. Our Exchange is used as Mail Server but is also used for data our workers need to work with.

 

I hope someone can help me.

Thanks in advance.

 

Greetings

Marcel



This thread was automatically locked due to age.
Parents Reply
  • What application are we talking about?   Outlook?  Outlook Anywhere?   Phone ActiveSync?

    Is there a WAF site in front  of Exchange in any configuration?

    Autodiscover is used for setup of Outlook and ActiveSync.   Once it is done, the hostname is stored.   So we need to figure out which name is not resolving the way you want.   

    But I also do not understand what security problem you are trying to solve, and why.

Children
No Data