SSL VPN Config - Unable to reach other networks?

I've successfully setup my first SSL VPN for remote access into my network, I can immediately access the listed first subnet, my internal infrastructure.

However, I also want to be able to access two other subnets, they're listed in the SSL VPN profile. But unreachable when connecting.

From my research, I think I'm missing an SNAT? rule or some other form of network management.

The two additional subnets ARE reachable (ping) via the UTM, they're handled by a TP-LINK Omada setup which is connected to the UTM. Nothing fancy there, no firewalls etc. The UTM itself can ping IPs in those subnets without issue.

Wondering if someone can help me point in the right direction here?


Range Desc. Gateway Reachable Via UTM (ping) Reachable Via SSLVPN (ping) Personal LAN TP-LINK, yes no Persoanl Infra TP-LINK, yes no Server Infra UTM. yes yes SSL VPN POOL UTM. yes yes

  • you need the SSL-VPN-IP-Range within the PT-Link-VPN too.

    Or you masquerade/SNAT the SSL-VPN-Traffic with an IP allowed within TP-Link-VPN.


    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.