Newbie451055 Lv2Posted 11 Jun 2024 16:56
  
Do you mean, you use Sangfor NGAF as the VPN Server?
If so, please check from your NGAF to the destination network, is it reachable or not.

And don't forget to setup proper configuration for SSL VPN, such as : define the users, define the resources, and define the roles for each/group of user(s).

thanks.
Zonger Lv5Posted 11 Jun 2024 22:03
  
Ensure that appropriate routes are configured to allow traffic from the SSL VPN subnet to reach the internal resources. Check firewall rules to confirm that traffic originating from the SSL VPN subnet is permitted to access the internal network. Additionally, verify DNS resolution and ensure that internal resources are reachable by hostname or IP address from the SSL VPN subnet.
Enrico Vanzetto Lv4Posted 11 Jun 2024 22:41
  
As previously mentioned, the issue typically stems from absent routing configurations. Please verify that your network has established routes from the SSLVPN subnet to the internal resources subnet, and vice versa. Additionally, inspect the firewall rules to ensure that traffic from the SSL VPN subnet is authorized to reach the internal network. Could you specify if the inaccessibility concerns particular internal subnets, or is it associated with certain clients or devices? Please make sure that the resources that you can't reach from vpn ssl has the correct gateway setted.
jerome_itable Lv3Posted 14 Jun 2024 08:28
  
There can be a few reasons why you're unable to access internal resources while connected to the SANGFOR SSLVPN subnet.

Here are some troubleshooting steps you can try:

1. Check Route Configuration:

    Static Route: Verify if a static route is configured on the SSLVPN appliance to reach your internal network (192.168.x.x in your case). This route should point to the gateway that connects the SSLVPN appliance to your internal network switch.

2. L3VPN Resource Definition:

    Sangfor uses L3VPN resources to define reachable networks through the VPN. Check if the internal network you're trying to access is defined as an L3VPN resource on the SSLVPN server.

3. User Permissions:

    Ensure your user account has the appropriate role assigned. This role should have access to the L3VPN resource you created for the internal network.

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders