Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 3 subscribers
  • Views 8317 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't see PC's over VPN

Marc F

Hey guys,

 

so at this point I'm super frustrated. I tried to set up a VPN for many hours now, but I can't see anything inside the network once im connected. This problem exists under SSl as well as PPTP. Both connect just fine, but I can't connect to the server inside or even ping it. I can see the traffic in the log going from the 10.242.1.x to 192.168.2.x but all of it gets blocked, even though i set up a rule to allow it. While logging I also saw many connections tried to IPs I don't know, starting with 40.x.x.x etc. are these just automatic things like Skype for Business, Outlook etc. ? Maybe I did some rookie mistake, I posted pics of my firewall and NAT configuration below.

I hope someone can help me with this, I'm certainly desperate at this point ..



This thread was automatically locked due to age.
  • 0

    Hi Marc,

    Please post a screenshot of your VPN configuration.

    First of all the vpn security association (IP based) should match, then the firewall policy rules are tested.

     

    Chris

    PS: Gerne auch in deutsch.

     

    Sophos Certified Architect (UTM + XG)

  • 0 in reply to CS

    Musste wissen, mir ists egal ob deutsch oder englisch ;)

     

    Also ich habe es versucht, indem ich der VPN einen anderen Bereich des gleichen Subnetzes wie Intern zu geben, aber auch mit der standard 10er IP (kenn mich nicht wirklich mit den Subnetmask geschichten aus, wollte testen ob das vielleicht ein Problem war) Wenn du noch Bilder von der Konfiguration brauchst sag bescheid

  • 0 in reply to Marc F

    Die Gruppe VPN Users enthält meinen account

  • 0

    Rather than the "VPN Users (User Group Network)" object in those rules, I would use the "VPN Pool (SSL)" and "VPN Pool (PPTP)" objects.  Remember that pinging is regulated on the 'ICMP' tab of 'Firewall', so confirm that you've allowed it there.  Once you've made those changes, do #1 in Rulz.  What do we know now?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    VPN (PPTP) is allowed as rule 3 already ? Or did I understand you wrong? I'm only working on pptp now just to get it working first.
    ICMP was blocked, I allowed it now and pings work, but I can't access data on pc's inside the network

  • 0 in reply to Marc F

    You say you "can't access data on pc's inside the network" - what exactly are you trying to do and what failure do you see?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    When I'm in the file explorer and type in the ip i get a connection error.

Unfiltered HTML