Sophos UTM: Unable to connect to SSL VPN through backup interface

Issue:

When the firewall's active interface is down, the user is unable to connect to the SSL VPN through the backup interface. The VPN client log shows "cannot resolve address" errors.

Resolution-1:

This means the SSL VPN client is trying to connect to the SSL VPN server by hostname, and DNS is resolving that hostname to the primary IP of the firewall.

In that case, the hostname must resolve to the secondary IP address when the primary IP is down.

Once the hostname can be resolved to the secondary IP address, add an interface group that contains both interfaces under Remote Access >> SSL >> Settings.

[Screenshots: SSL VPN settings; SSL settings]

After making these settings, a client connecting by hostname will reach the secondary IP, and because the interface is set to “any”, the firewall will accept the SSL connection.
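One way to verify the Resolution-1 precondition from a client network, as an added example that is not part of the original article: it checks whether the VPN hostname resolves to the secondary IP and whether that IP accepts TCP connections. The hostname, the IP addresses (documentation ranges) and port 443 are assumptions; substitute your own values.

```python
import socket

def resolve_ipv4(hostname):
    """Return the set of IPv4 addresses DNS currently returns for hostname."""
    try:
        infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()  # name resolution failed
    return {info[4][0] for info in infos}

def tcp_reachable(ip, port, timeout=3.0):
    """True if a TCP connection to ip:port succeeds within the timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def check_failover(hostname, primary_ip, secondary_ip, port=443,
                   resolver=resolve_ipv4, probe=tcp_reachable):
    """Classify whether clients connecting by hostname can reach the backup interface.

    port=443 is an assumed value; use the port configured for your SSL VPN.
    resolver and probe are injectable so the logic can be exercised offline.
    """
    resolved = resolver(hostname)
    if not resolved:
        return "UNRESOLVED"               # clients cannot connect by name at all
    if secondary_ip not in resolved:
        if primary_ip in resolved and not probe(primary_ip, port):
            return "NO_FAILOVER"          # DNS only offers the primary, which is down
        return "NO_SECONDARY_RECORD"      # works today, but there is no failover path
    if not probe(secondary_ip, port):
        return "SECONDARY_NOT_LISTENING"  # review the interface setting under SSL settings
    return "OK"                           # hostname reaches the backup interface

if __name__ == "__main__":
    # Constructed scenario: DNS returns only the primary IP and the primary is down.
    PRIMARY, SECONDARY = "192.0.2.10", "198.51.100.10"
    status = check_failover("vpn.example.com", PRIMARY, SECONDARY,
                            resolver=lambda host: {PRIMARY},
                            probe=lambda ip, port: False)
    print(status)
```

Call `check_failover()` without the `resolver` and `probe` arguments to run it against live DNS and the real interfaces.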

Resolution-2:

Alternatively, you can manually point the SSL VPN at the second interface when the primary interface is down.

Go to Remote Access >> SSL >> Settings.

In the Override hostname field, enter the secondary IP address, as shown in the screenshot below.

[Screenshot: Override hostname]

In this case, however, you might need to download the SSL VPN client again from the User Portal and then try connecting again.

Hope this article helps you.