Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 27 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 36044 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Routing to internal network doesn't work

Peter Cosworth

Hi,

 

i set up a PPTP VPN by following this guide: https://community.sophos.com/kb/en-us/116036

The VPN connection works. However, i can't reach the local network, neither via RDP, ping or whatever.

A traceroute from an internal server to the vpn client stops at the gateway. Same happens from the client.

The firewall log shows that the rule is executed (green, when trying from both sites) but it doesn't seem to get through.

I also deactivated the local firewall but the issue is still the same.

 

Any ideas?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Peter Cosworth

    Have you checked the Firewall Advanced section Connection Tracking helpers? is PPTP ticked?

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • 0 in reply to Peter Cosworth

    and for one of the application we use internally (very old RDP outbound route) I had to create a DNAT rule.

     

    for traffic From RDP Server

    Using Service Microsoft Remote Desktop (RDP)

    Going to Ext/Int Interface (IP not network)

    Change Destination to Int/Ext Interface (IP not network, again)

     

    took me w while to work this one out with help from Sophos Support (on the phone for over 2 hours - very helpful - can't thank them enough)

     

    Hope this helps Peter

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • 0 in reply to Argo

    I don't understand, Jason - how about pictures?  Where's the RDP server?  Where are the clients?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to Peter Cosworth

    I would bet it's a routing issue. 192.168.43.0/24 is not the default for PPTP Pool on UTM, so I take it you have changed to accommodate it into some existing LAN. I would start by looking where the reply from your server to the packet coming from 192.168.43.2 if going. You might find out it's not going back to the UTM at all.

    Regards,

    Giovani

  • 0 in reply to giomoda

    I also tried different networks and used the default for L2TP. Nothing works.

    Anyone able to help me?

  • 0 in reply to Peter Cosworth

    Hi Peter.

    You should try a tcpdump on the internal interface while testing the communication and see if packets are getting through and back. This kind of issues normally lies on the fact that the destination server does not know how to reply to the packets it receives.

    Regards,

    Giovani

Unfiltered HTML