
Remote VPN access on Windows 10 domain login including routes to remote sites

I am trying to achieve a roadwarrior VPN Access solution where users on Windows 10 clients can

  1. At the office, log in as usual without any VPN
  2. On the road, via mobile broadband, perform a Windows domain logon via VPN at the Windows login screen.
  3. When the VPN is connected, all traffic goes through the tunnel.
  4. UTM should be able to detect Windows domain logon and logoff => user-related rules. (STAS is installed on the DC to solve this for domain logon and domain logoff.)

I have been testing L2TP over IPsec, which solves all requirements except the third one. It seems that not all traffic is going through the tunnel. Looking at the client routing table, I can only see the local UTM network when connected. If the UTM has site2site tunnels to other UTMs, the traffic to the remote UTMs is obviously not going via the L2TP VPN tunnel.

Can anyone point me to a solution?
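The routing symptom in the question (only the UTM's local network visible in the client route table) is decided on the Windows side by the VPN connection's split-tunneling setting and any static routes attached to the phonebook entry. The PowerShell below is an added, illustrative script and was not posted by anyone in this thread; the connection name `Office-L2TP`, the remote-site subnets and the assumption that the pre-logon connection lives in the all-users phonebook are constructed for the example. It inspects the current setting, then either forces a full tunnel (everything, including traffic to site2site-connected networks, goes through the VPN) or keeps split tunneling and attaches the remote-site subnets as VPN routes, and finally prints the live route table for the VPN interface so the result can be verified after dialling in.

```powershell
# Added example, not from the thread. Inspect and adjust client-side routing for a
# Windows 10 L2TP/IPsec VPN connection. Names and prefixes below are assumptions.
param(
    [string]$ConnectionName = 'Office-L2TP',                          # assumed phonebook entry name
    [string[]]$RemoteSiteSubnets = @('10.20.0.0/16', '10.30.0.0/24'), # assumed networks behind site2site tunnels
    [switch]$FullTunnel                                               # -FullTunnel: route everything via VPN
)

# Connections dialled from the Windows logon screen must be in the all-users phonebook,
# so every cmdlet below is called with -AllUserConnection.
$vpn = Get-VpnConnection -Name $ConnectionName -AllUserConnection -ErrorAction Stop
Write-Host "Before: SplitTunneling = $($vpn.SplitTunneling), stored routes = $($vpn.Routes.Count)"

if ($FullTunnel) {
    # Requirement 3 in the question: tunnel becomes the default gateway, so traffic to
    # remote UTM sites reaches the UTM and follows its site2site tunnels from there.
    Set-VpnConnection -Name $ConnectionName -AllUserConnection -SplitTunneling $false
}
else {
    # Split tunneling stays on; only the listed remote-site prefixes are sent via the VPN.
    Set-VpnConnection -Name $ConnectionName -AllUserConnection -SplitTunneling $true
    $existing = (Get-VpnConnection -Name $ConnectionName -AllUserConnection).Routes.DestinationPrefix
    foreach ($prefix in $RemoteSiteSubnets) {
        if ($existing -contains $prefix) {
            Write-Host "Route $prefix already attached, skipping"
            continue
        }
        # Static route bound to the phonebook entry; installed each time the VPN connects.
        Add-VpnConnectionRoute -ConnectionName $ConnectionName -AllUserConnection `
            -DestinationPrefix $prefix -PassThru | Out-Null
        Write-Host "Attached route $prefix to $ConnectionName"
    }
}

# Verification 1: what the phonebook entry will push into the route table on connect.
$vpn = Get-VpnConnection -Name $ConnectionName -AllUserConnection
Write-Host "After: SplitTunneling = $($vpn.SplitTunneling)"
$vpn.Routes | Format-Table DestinationPrefix, RouteMetric -AutoSize

# Verification 2: the live IPv4 route table for the VPN interface (only populated while
# connected). With full tunnel, expect 0.0.0.0/0 here; with split tunnel, the prefixes above.
Get-NetRoute -AddressFamily IPv4 |
    Where-Object { $_.InterfaceAlias -eq $ConnectionName } |
    Sort-Object DestinationPrefix |
    Format-Table DestinationPrefix, NextHop, RouteMetric -AutoSize
```

Run it once as an administrator with `-FullTunnel` to get the "all traffic through the tunnel" behaviour asked for in the question, or without the switch to keep split tunneling and only add the remote-site prefixes. Because the routes are attached to the phonebook entry rather than added with `route add`, they survive reconnects and are present for the pre-logon connection as well.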

  • This thread has information about routes for L2TP, which Sophos UTM does not support. So apparently L2TP is not the solution?

    What about the Sophos commercial VPN client? It has no support for connecting the VPN at the Windows logon screen (as L2TP over IPsec has). But if I log on locally and then connect the VPN, can I rely on the user-based rules in UTM? But what happens to all the Windows domain stuff which normally happens when the client computer is connected to the DC during domain logon?

    There must be people out there who have done this?
