SSL VPN to Shared Folder on PC

I Have SSL VPN configured. I can communicate with my network remotely i can connect to my NAS no problems however im unable to connect to my desktop (Win 11 Pro) shared folder which i can access one im connected to the same network. Any help will be appreciated. Thanks.

Parents
  • Two reasons come to my mind: local firewall on the win11 station is disabled?

    Second: is the win11 station using the same default gateway as the NAS?

    Please check.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • The answer to Both Questions is yes. Both devices are using the same gateway and the firewall is enabled on the PC.

  • Disable that local firewall, please.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Yes, it is as you suspected after disabling the firewall i was able to access the folders, however i don't want to leave this pc unprotected.

    Do you have any ideas on where i could start in windows firewall to resolve this.

    Any help will be appreciated

  • Usually the setting where it rejects traffic except for that in its own subnet - don't remember where that is.

    Another option would be to do something similar to 'SNAT : "VPN Pool (SSL)" -> "Any" -> {server with folders} : from "Internal (Address)".  See #5 in Rulz if you want to use this approach.

    That said, I routinely disable the Windows firewalls on PCs protected by the UTM - I haven't seen that PC-based firewalls reject bad traffic that the UTM allowed in.  Then again, I don't know how well those Win-11 firewalls today can protect PCs from attacks by malware on other internal devices.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Usually the setting where it rejects traffic except for that in its own subnet - don't remember where that is.

    Another option would be to do something similar to 'SNAT : "VPN Pool (SSL)" -> "Any" -> {server with folders} : from "Internal (Address)".  See #5 in Rulz if you want to use this approach.

    That said, I routinely disable the Windows firewalls on PCs protected by the UTM - I haven't seen that PC-based firewalls reject bad traffic that the UTM allowed in.  Then again, I don't know how well those Win-11 firewalls today can protect PCs from attacks by malware on other internal devices.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children