Can't access external services from SSL VPN

Question

Hello. 
 Now that everyone is working remotely I've encountered a few issues accessing things outside our network from the SSL VPN. SFTP (SSH on port 22) is the main one of these. It connects fine from inside the office but not via the SSL VPN. 
 When I run a traceroute to something outside our network on the VPN it uses the UTM as the 1st hop then everything else times out, as if it doesn't have a route out. 
 What am I missing? I've looked in the firewall logs but there isn't a single entry for the SSL VPN subnet despite me creating firewall rules and enabling logging. I've also ensured there is a masquerading rule but still no luck. 
 Any tips appreciated!

PhilippRusch · Answer

Hello David, 
 then let's try to get this to work for you: 
 you need to add a route at the client to tell the IP packet with destination "special external services" to go through the Sophos SSL-Tunnel. 
 Example for a Windows client: route add 83.84.85.86 MASK 255.255.255.255 10.242.2.1 
 where: 83.84.85.86 is an example for a server-ip address, the mask is for a single host and 10.242.2.1 is the Sophos-Firewall gateway address if you are using the standard SSL-VPN-Pool. 
 Next you need to mask the SSL-VPN-Pool behind your IP-Address of your uplink-interface(s). 
 Then this should start to work ...