Sophos UTM9 - SSL VPN - Cannot connect to intranet sites through VPN

Hello everyone, I have a problem and I'm not able to fix it.


I have a Sophos UTM 10.1.99.254 VLAN99 (transfernet) and SSL VPN activated.

I have a CoreSwitch 10.1.99.1 VLAN 99 and a Windows 10 Computer in VLAN 1111 behind the switch (Switch is GW for VLAN 1111).

Static route 0.0.0.0 to 10.1.99.254 on the switch

When I try to access the IIS on the machine on Port 80, nothing happens and I'm running into a timeout. Packet filter rule from myusername_network ==> Windows10 Computer in VLAN 1111 is active.

When I add the SSL VPN Pool to allowed networks on the Web Proxy, I can access the Port 80 IIS website but not the Tomcat service on Port 9090 or the IIS on Port 8080.

My question is: What is wrong? What am I missing here? I thought that I don't have to use the web proxy for the VPN...

I really appreciate any help! Thank you for your time

Best regards Thomas

  • Hallo Thomas and welcome to the UTM Community!

    It's difficult to say what your issue might be...

    I'm assuming that you don't see anything relevant in the Firewall log.

    In Transparent mode, the Proxy only handles HTTP (80) and, optionally, HTTPS (443).  If you use the Proxy explicitly in your browser, you can also use 9090 and 8080 if they are in 'Allowed Target Services' on the 'Misc' tab of 'Filtering Options'.

    If you're getting a public IP from DNS, then you might need a Full NAT in addition to a DNAT.  Or you might change the way you have DNS configured.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA