This article describes the behavior of the tunnel status or connection details on the auxiliary appliance Web Admin console by clicking on the icon. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
In this scenario, two Sophos XG Firewalls are configured in HA and has an established IPsec connection that is working properly. The administrator signs in to the auxiliary appliance Web Admin console and tries to check the IPsec SA status or connection details by clicking on the icon. The administrator then noticed that the IPsec SA or connection details are unavailable even though the IPsec tunnel is established.
Operation performed from the auxiliary appliance Web Admin console by clicking on the icon:
Output on the auxiliary appliance Web Admin console:
This is the normal behavior. The tunnel status or connection details on the auxiliary appliance Web Admin console is not available because this operation is not permitted from the auxiliary appliance. The behavior is true with the HA Active-active or Active-passive configuration.
The administrator must check the tunnel status or connection details on the primary appliance only.
Actual output on the primary appliance Web Admin console:
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.