This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ssl VPN multiple wan one hostname

Hello, my question is this,

I am using UTM9, I have 2 WAN interfaces and each and every one does have a different PUBLIC IP

I manage to configure the wan 1 and wan 2 interfaces without problem.

but when configuring the ssl vpn it only gives me the option of putting a single host, and when wan 1 goes down, they can't connect to wan 2.

Is it possible to add another host so that they can connect to wan 2 from outside?

I hope my question is understood.

Waiting for your kind reply

---

Hola, mi duda es la siguiente,

Estoy usando UTM9 tengo 2 interfases WAN y cada y no tiene su IP PUBLICO distinto

Logro configurar los interfases wan 1 y wan 2 sin problema.

pero al momento de configurar el ssl vpn solo me da opción de poner un solo host, y cuando se cae el wan 1 no logran conectarse al wan 2.

Es posible adicionar otro host para que se puedan conectar al wan 2 desde fuera? 

Espero se entienda mi duda.

A espera de su amable respuesta.



This thread was automatically locked due to age.
  • Hola,

    you need to edit the (name of your connection).ovpn file like this:

    remote 11.22.33.44 (put your first public IP) 8443 (put your VPN-port)

    remote 55.66.77.88 (put your second public IP) 8443 (again, the VPN-port)

    On the SG server-side you have to change the interface in case of a link failure manually, as there is only one entry in the GUI.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Thank you very much for answering.

    I will try and I comment

  • Hola Edson and welcome to the UTM Community!

    Thanks, Philipp - I didn't realize one could have two remote entries in an ovpn file!

    I think that as long as you have 'Interface address: Any', the SSL VPN Remote Access server will answer on any IP on any interface.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA