Unable to access internal resources from sslvpn

Newbie164021 Lv1Posted 10 Jun 2024 13:30

Unable to access internal resources from sslvpn subnet

pmateus has solved this question and earned 10 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Hi,

This usually is related with missing routes. Try to check if your networks have routes from SSLVPN subnet to internal resources subnet and from internal subnet to sslvpn subnet too.
Is this answer helpful?
jerome_itable Lv3Posted 14 Jun 2024 08:28
  
There can be a few reasons why you're unable to access internal resources while connected to the SANGFOR SSLVPN subnet.

Here are some troubleshooting steps you can try:

1. Check Route Configuration:

    Static Route: Verify if a static route is configured on the SSLVPN appliance to reach your internal network (192.168.x.x in your case). This route should point to the gateway that connects the SSLVPN appliance to your internal network switch.

2. L3VPN Resource Definition:

    Sangfor uses L3VPN resources to define reachable networks through the VPN. Check if the internal network you're trying to access is defined as an L3VPN resource on the SSLVPN server.

3. User Permissions:

    Ensure your user account has the appropriate role assigned. This role should have access to the L3VPN resource you created for the internal network.
Enrico Vanzetto Lv4Posted 11 Jun 2024 22:41
  
As previously mentioned, the issue typically stems from absent routing configurations. Please verify that your network has established routes from the SSLVPN subnet to the internal resources subnet, and vice versa. Additionally, inspect the firewall rules to ensure that traffic from the SSL VPN subnet is authorized to reach the internal network. Could you specify if the inaccessibility concerns particular internal subnets, or is it associated with certain clients or devices? Please make sure that the resources that you can't reach from vpn ssl has the correct gateway setted.
Zonger Lv5Posted 11 Jun 2024 22:03
  
Ensure that appropriate routes are configured to allow traffic from the SSL VPN subnet to reach the internal resources. Check firewall rules to confirm that traffic originating from the SSL VPN subnet is permitted to access the internal network. Additionally, verify DNS resolution and ensure that internal resources are reachable by hostname or IP address from the SSL VPN subnet.
Newbie451055 Lv2Posted 11 Jun 2024 16:56
  
Do you mean, you use Sangfor NGAF as the VPN Server?
If so, please check from your NGAF to the destination network, is it reachable or not.

And don't forget to setup proper configuration for SSL VPN, such as : define the users, define the resources, and define the roles for each/group of user(s).

thanks.
Taha Lv2Posted 11 Jun 2024 15:56
  
May there is wrong configuration at some end .Please follow the guide for correct configuration of ssl Vpn from support community .
Newbie517762 Lv5Posted 11 Jun 2024 15:24
  
HiHi,

Pls find the attached file the link - "Sangfor VPN Success Build Up But Some Subnet Cannot Ping To Other Side" for your Ref.
Sangfor VPN Success Build Up But Some Subnet Cannot Ping To Other Side.pdf (48.35 KB, Downloads: 125)
Newbie164021 Lv1Posted 11 Jun 2024 15:02
  
For NSF models, there a new features which you can customize the routing precedence on the network.
My problem is the firewall having problem send back the packet to the SSL Subnet, the resolution was to change the routing precedence and make the SSLVPN routes next to direct routes and that resolved my issue.
Newbie429120 Posted 11 Jun 2024 13:44
  
Hi there,
Sorry to hear about the trouble accessing internal resources from the SSLVPN subnet. Could you provide more details about the issue? It could be related to network configurations or permissions. Let's troubleshoot together to resolve this.
CLELUQMAN Lv4Posted 11 Jun 2024 12:57
  
can u verify if u can connect to the ssl vpn or no?

how many user are affected?

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders