only X0 LAN subnet is reachable with SSLVPN connexion
mimiz
Newbie ✭
Hello !
today i have this problem:
I have two LANs on two two interfaces X0 and X3
the L2TP server is configured on a range of X0, when I connect with an L2TP VPN client, I manage to join all the resources of the X0 subnet, but not those of the X3 subnet.
However, I added two rules (SSLVPN to LAN and LAN to SSLVPN) by correctly setting the IP ranges.
what's weird is that I did a test by changing the L2TP server pool on a range of X3: and there everything works: I manage to join the resources of X0 and X3.
thank you in advance for your help
Category: Entry Level Firewalls
0
Answers
You need to configure Client Routes as well in SSLVPN [an annoying defect of the SSLVPN implementation, IMO], it's not enough to just allow user access to the network.
Can you clarify whether you mean L2TP or SSLVPN?
thanks @Arkwright !
the Client Route is configured to LAN subnets, i imagine that X0 and X3 are included, am i wrong?
i'm using L2TP server to connect the client throught L2TP via IPSec config with login, password and sharedKey
i configure my local users , i added them to SSLVPN group, to allow them to connect.
the VPN Access is set on LAN subnet
and the client route (SSL VPN -> Client setting is also configured on LAN Subnets)
But Why when i change the L2TP server pool on a range of X3: everything works: I manage to join the resources of X0 and X3.
I've never configured a Sonicwall as an L2TP server so I cannot offer you much help on that front. This also means I have no idea if SSLVPN Client Routes are relevant to L2TP clients. What instructions are you following here?
If X0 and X3 are both in LAN zone then "LAN Subnets" object would include both interface's subnets.
yes i think so' ! but it seams not work ! i will open a case at sonicwall.
thanks @Arkwright
Try using the individual address objects for X0 and X3 subnets in the SSLVPN Client routes. I have seen where groups aren't dealt with properly.