
Site-to-Site IPSEC suddenly stopped passing traffic

I have had a Site-to-Site IPSEC connection established for years and all of a sudden it has stopped passing traffic...

Both systems UTM 9.509-3

Here is a tcpdump of the source (Respond only GW) UTM ipsec connection:

Here is a tcpdump of the destination (Initiate Connection GW) UTM ipsec connection:

You can see the traffic go out and hit the destination, and when the destination replies, you do not see the reply back on the source... I am using auto firewall rules and nothing has changed on either config short of just patching the UTMs. The connection is showing Green in Site-to-Site. I am at a loss for what could have suddenly started to cause this issue...

Any thoughts...?
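The symptom above (tunnel green, traffic leaves one gateway, replies never arrive) shows up in a capture as ESP flowing in only one direction. The following is an added example, not from the original post or from Sophos, that parses tcpdump ESP summary lines taken on a gateway's external interface and classifies the tunnel; the addresses and capture lines are constructed sample data using documentation ranges.

```python
import re
from collections import Counter

# Regex for the ESP summary line tcpdump prints for IPsec traffic (no decryption needed).
ESP_LINE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+) > (?P<dst>\d+\.\d+\.\d+\.\d+): "
    r"ESP\(spi=(?P<spi>0x[0-9a-fA-F]+),seq=(?P<seq>0x[0-9a-fA-F]+)\)"
)

def count_esp_flows(lines):
    """Return {(src, dst, spi): packet_count} for every ESP flow in the capture."""
    counts = Counter()
    for line in lines:
        m = ESP_LINE.search(line)
        if m:
            counts[(m["src"], m["dst"], m["spi"].lower())] += 1
    return counts

def diagnose(lines, local_gw, peer_gw):
    """Classify the tunnel between local_gw and peer_gw as seen from local_gw's capture.

    Returns one of: 'no-esp', 'one-way-outbound', 'one-way-inbound', 'bidirectional'.
    A healthy tunnel shows two SPIs, one per direction; a single SPI means the
    return path (often a device between the gateways) is dropping ESP.
    """
    counts = count_esp_flows(lines)
    outbound = sum(n for (s, d, _), n in counts.items() if s == local_gw and d == peer_gw)
    inbound = sum(n for (s, d, _), n in counts.items() if s == peer_gw and d == local_gw)
    if outbound and inbound:
        return "bidirectional"
    if outbound:
        return "one-way-outbound"
    if inbound:
        return "one-way-inbound"
    return "no-esp"

# Constructed sample capture (documentation addresses) mimicking the reported symptom:
# ESP leaves the responder, IKE keepalives pass, but nothing encrypted ever comes back.
SAMPLE_RESPONDER_CAPTURE = [
    "10:15:01.100 IP 203.0.113.10 > 198.51.100.20: ESP(spi=0xc1a2b3d4,seq=0x1), length 132",
    "10:15:01.600 IP 203.0.113.10 > 198.51.100.20: ESP(spi=0xc1a2b3d4,seq=0x2), length 132",
    "10:15:02.100 IP 203.0.113.10 > 198.51.100.20: ESP(spi=0xc1a2b3d4,seq=0x3), length 132",
    "10:15:02.200 IP 203.0.113.10.500 > 198.51.100.20.500: isakmp: phase 2/others ? #6[E]",
]

if __name__ == "__main__":
    # Prints "one-way-outbound": the SA is up, but replies never reach this gateway.
    print(diagnose(SAMPLE_RESPONDER_CAPTURE, "203.0.113.10", "198.51.100.20"))
```

Run the same check against a capture from the peer; if the peer shows "bidirectional" while this side shows "one-way-outbound", the drop is on the path between them rather than in either UTM's IPsec configuration.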

  • Sometimes an Up2Date "breaks" something in a configuration.  I would make a new backup and then restore the backup made before the last series of Up2Dates was applied.  That probably won't fix this, so you would want to restore the new backup, disable the current IPsec Connections and try with new Remote Gateways and IPsec Connections.  Does that give you a good connection?

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Rolled back prior to when I can recall it working and still no luck... Back to 9.504-1 I believe, and it did not start working, so that leads me to believe it is something environmental. I just have no idea what, since nothing changed at the source and destination. And since it is a VPN/tunnel protocol, I can't imagine any ISP change having any effect on it, since that dependency should be removed once the tunnel is established...

  • Weirdest %$@# ever... I reset the router. There is actually an edge router that sits between the destination edge and the internal Sophos device, and even though the IPSEC connection was getting established through that device, it was not passing the traffic back. After resetting that edge device, all was right with the world... Messed up, but I guess ok...
