
Cannot ping from one Sophos SSL VPN client to another Sophos SSL VPN client

Hi All,

I have two laptops configured with Sophos SSL Client 2.1.

Scenario:

Laptop A: SSL Client is installed        PC A: SSL client is installed. bth

Note: Both laptops are outside the internal network. Both can access the internal network resources.

Problem: Both laptops cannot ping each other and can take the RDP of each other.

Please help me resolve this issue. 



  • Hi Vinay,

    I have recreated your problem and can provide you a solution:

    1. In the SSL VPN config, please allow the SSL VPN clients to access the VPN subnet. To do this, go to VPN > SSL VPN (remote access) in the XG and open the corresponding SSL VPN policy. Then add the VPN subnet as a permitted network resource and save the config.

    2. Create a firewall rule and configure it to allow devices to communicate in the VPN zone and on the VPN subnet. For security reasons, just allow specific services and maybe also reduce the rule to just the devices that you want to communicate within the VPN subnet (see screenshot).

    3. Test again via ping command.

    Please share feedback if that worked out for you! If I was able to solve your problem, mark my answer as solution so that the thread can be closed.

    Have a nice weekend,

    Intrusus
    Sophos Certified Engineer | Sophos Certified Technician

    private lab:
    XG firewall with SFOS 18.0.3 MR-3
    Intercept X Advanced (for Server) with EDR EAP latest
    If a post solves your question use the 'Verify Answer' link
