Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 1 subscriber
  • Views 1287 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cisco VPN to 3 Networks

unst
Hi all,
today i activated the Cisco VPN and after i removed the domain name unter RemoteAccess -> Advanced it worked well.
But when i put more than 1 "local network" in the box on the configuraiton site i can only access the very first network.

i tested it. it always just set the route to the first network.
have a look at the screens please.

do you know how i can tell the client or the asg to set routes to all networks?
thanks!


This thread was automatically locked due to age.
Parents
  • 0
    This question came up in another thread.  This error is fixed in V8.002, I think.  The workaround is to put all of the networks into a network group and use the group in 'Local networks' instead of the individual networks.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    This question came up in another thread.  This error is fixed in V8.002, I think.  The workaround is to put all of the networks into a network group and use the group in 'Local networks' instead of the individual networks.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    hi, thank you for the workaround. i will test it as soon as possible.
    i have installed the 8.002 seems like it is not fixed...
  • 0 in reply to unst
    hi, i tried your suggestion but i am not able to add a network group to the "local networks" box on the cisco-vpn site.
  • 0 in reply to unst
    hi, i tried your suggestion but i am not able to add a network group to the "local networks" box on the cisco-vpn site.


    Could you post the output of the command `ipsec pool --statusattr` in a root shell, please.

    Yes, here it is: 

    sz1asg01:/home/login # ipsec pool --statusattr

     type  description           pool              identity        value

        3  INTERNAL_IP4_DNS                                        192.168.17.151

        3  INTERNAL_IP4_DNS      REF_zbgxvTbqmR                    192.168.17.151

    28676  UNITY_SPLIT_INCLUDE   REF_zbgxvTbqmR                    192.168.17.0/255.255.255.0,192.168.17.0/255.255.255.0

    28676  UNITY_SPLIT_INCLUDE   REF_zbgxvTbqmR                    192.168.125.0/255.255.255.0,192.168.125.0/255.255.255.0

    28676  UNITY_SPLIT_INCLUDE   REF_zbgxvTbqmR                    192.168.15.0/255.255.255.0,192.168.15.0/255.255.255.0
Unfiltered HTML