1. Purpose
To connect to the UTM's Web Admin on its internal NIC
while on VPN (SSL and/or L2TP/IPsec), through a squid proxy
2. Procedure
2-1. The proxy config of MS L2TP/IPsec client didn't work
Once configured as shown in the picture, it always goes through the proxy.
2-2. squid config
# vi /etc/squid/squid.conf
acl to_utm201712 dst a.b.c.d/32 # a.b.c.d = IP of Web Admin
: ... snip ...
acl SSL_ports port 443
: ... snip ...
acl CONNECT method CONNECT
: ... snip ...
http_access allow CONNECT to_utm201712
http_access deny CONNECT !SSL_ports
# /etc/init.d/squid restart
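Added example (not from the original post): a small Python model of squid's first-match http_access evaluation, run over the two rules above. It shows that the allow line admits CONNECT to any port on the Web Admin host, and how one extra port ACL narrows it. Assumptions: 192.0.2.10 stands in for a.b.c.d, and port 4444 and the ACL name utm_admin_port are not on the page.

```python
import ipaddress

# Constructed stand-ins: 192.0.2.10 replaces the post's a.b.c.d placeholder;
# port 4444 and the ACL "utm_admin_port" are assumptions, not from the post.
ACLS = {
    "to_utm201712": ("dst", "192.0.2.10/32"),
    "SSL_ports": ("port", {443}),
    "CONNECT": ("method", "CONNECT"),
    "utm_admin_port": ("port", {4444}),
}

# The two http_access lines from the post, in the same order.
PAGE_RULES = [
    ("allow", ["CONNECT", "to_utm201712"]),
    ("deny", ["CONNECT", "!SSL_ports"]),
]
# Hypothetical tightened variant: the allow also requires the admin port.
TIGHT_RULES = [
    ("allow", ["CONNECT", "to_utm201712", "utm_admin_port"]),
    ("deny", ["CONNECT", "!SSL_ports"]),
]

def connect(dst, port):
    """Build a CONNECT request record for the evaluator."""
    return {"method": "CONNECT", "dst": dst, "port": port}

def acl_matches(name, req):
    kind, value = ACLS[name]
    if kind == "dst":
        return ipaddress.ip_address(req["dst"]) in ipaddress.ip_network(value)
    if kind == "port":
        return req["port"] in value
    return req["method"] == value  # kind == "method"

def evaluate(rules, req):
    """Return the action of the first rule whose ACLs all match (AND, with ! negation)."""
    for action, names in rules:
        if all(acl_matches(n.lstrip("!"), req) != n.startswith("!") for n in names):
            return action
    return "next"  # no match here: decided by later rules snipped in the post

if __name__ == "__main__":
    for dst, port in [("192.0.2.10", 4444), ("192.0.2.10", 22), ("198.51.100.7", 4444)]:
        r = connect(dst, port)
        print(dst, port, "page:", evaluate(PAGE_RULES, r), "tight:", evaluate(TIGHT_RULES, r))
```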
2-3. Sophos UTM Home Edition
Management -> WebAdmin Settings
Allowed Networks: hopefully limited to the internal network and the VPN pool IPs