
Port 80 & 443 VPN SSL site-2-site

Hello,

I have a web server (ports 80 and 443) that is not accessible from my main site over the site-2-site SSL VPN.

Is this normal?
How can I work around it?



This thread was automatically locked due to age.
  • Hi Alexis,

    I'm not sure that I've correctly understood your topology. Is it an internal user in your main site that can't get to the web server? Or is it an external user that's trying to get to it via a public IP at the main site?

    Another question would be whether you have split DNS at the main site.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello,

    Here is a little diagram to express my need:

     - I have 2 sites linked by an SSL Site-to-Site VPN, with Site A on the server side of the SSL VPN and Site B on the client side of the SSL VPN;
     - From the PC at Site A I would like to access the web interface of the copier (Print) at Site B;
     - This web access is done on port 80 or 443;
     - Ping from the PC to the copier (Print) works.

    My problem comes at this point: it is impossible to access it using these ports, I get a timeout.

     

  • My guess is the following in order of how common it is. 

    1. You have a transparent web filter and should bypass the other side of the tunnel in the destination skip list.

    2. A firewall rule is missing. Ping would work if you have it enabled in the global settings.

    3. Maybe an MTU issue.

  • I vote for 1.

    Cheers - Bob

     