
IPSec Site-to-Site VPN between Barracuda Firewall and SophosUTM = SophosUTM dropping ESP Packets - No Traffic going through the Tunnel

Dear all,

 

I have a serious problem with a VPN-Tunnel between a SophosUTM and a Barracuda CloudGen Firewall.

 

The tunnel is established but I can't access anything from the other site. When I run a ping I continuously see that ESP packets between the 2 public IPs defined in the IPsec configuration are being dropped at the UTM. After some research I found out that the ESP protocol has to be enabled in the "Servicedefinition" - I have done it and created a packet filter rule but no changes - still no traffic going through the tunnel.

Does anyone have an idea what I can try next?

SophosUTM 9.509-3

 

Kind Regards,



  • Hello and welcome to the UTM Community!

    You shouldn't have to create such an Allow rule as it's one that WebAdmin creates automatically.  Just to be sure that the basics are correct, please show us pictures of the Edits of the IPsec Connection, Remote Gate and IPsec Policy as well as the corresponding information from the Barracuda.

    My guess is that there's a misconfiguration in the Barracuda and that that's why it sends an incorrect ESP packet.  Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post one line corresponding to the one above.  That will help us diagnose the reason the packet was dropped.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
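
One way to pull the full firewall log lines requested in the reply above, as an added example that is not part of the original thread: it filters a log export for dropped ESP (IP protocol 50) packets between the two tunnel endpoints and groups them by the rule that dropped them. The key="value" line layout, the field names (`action`, `proto`, `srcip`, `dstip`, `fwrule`, `initf`), the addresses and the sample lines are all constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample lines. The key="value" layout and the field names are
# assumptions about the full firewall log; the addresses are documentation IPs.
SAMPLE_LOG = '''\
2018:06:12-10:15:01 utm ulogd[4711]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="198.51.100.20" dstip="192.0.2.10" proto="50" length="152" ttl="56"
2018:06:12-10:15:02 utm ulogd[4711]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="198.51.100.20" dstip="192.0.2.10" proto="50" length="152" ttl="56"
2018:06:12-10:15:03 utm ulogd[4711]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="203.0.113.5" dstip="192.0.2.10" proto="50" length="120" ttl="51"
2018:06:12-10:15:04 utm ulogd[4711]: id="2002" sub="packetfilter" name="Packet accepted" action="accept" fwrule="12" initf="eth1" srcip="198.51.100.20" dstip="192.0.2.10" proto="17" srcport="500" dstport="500"
'''

ESP_PROTO = "50"  # IP protocol number assigned to ESP
PAIR = re.compile(r'(\w+)="([^"]*)"')


def parse_line(line):
    """Turn one log line into a dict of its key="value" fields."""
    return dict(PAIR.findall(line))


def esp_drops(log_text, local_ip, remote_ip):
    """Return parsed entries for dropped ESP packets between the two peers."""
    peers = {local_ip, remote_ip}
    hits = []
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields.get("action") != "drop" or fields.get("proto") != ESP_PROTO:
            continue
        # Match either direction, but only traffic between the tunnel endpoints.
        if {fields.get("srcip"), fields.get("dstip")} == peers:
            hits.append(fields)
    return hits


def summarize(hits):
    """Count drops per (source, destination, rule, inbound interface)."""
    return Counter(
        (f["srcip"], f["dstip"], f.get("fwrule", "?"), f.get("initf", "?"))
        for f in hits
    )


if __name__ == "__main__":
    drops = esp_drops(SAMPLE_LOG, "192.0.2.10", "198.51.100.20")
    for key, count in summarize(drops).items():
        print(count, "ESP drops:", *key)
```

The rule number and inbound interface in the grouped output are the details the abbreviated Live Log view leaves out.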