Hi.
I am having an issue connecting (even pinging) remote hosts on the other side of a site-to-site IPsec VPN tunnel. I can't seem to troubleshoot it, even though everything was working fine a month ago.
Here's the setup: <192.168.1.0/24> - <UTM A> ===tunnel===<UTM B>-<192.168.30.0/24>
Both Sophos UTMs are completely up to date. Using pre-shared key. UTM A is initiating. The tunnel looks fine (establishes fine, says it's up under/green site-to-site), and I can access the webadmin for both UTM A and B from 192.168.1.0 (so some stuff is going through the tunnel just fine).
I can ping 192.168.30.1 (the UTM) from 192.168.1.0/24, but any other host is "destination unreachable". Tracert to 192.168.30.1 is fine, but tracert to 192.168.30.14 fails (and I know the host is up).
I thought the IPsec settings took care of all the routing, so I don't have any static routes or masquerading or NAT set up...it should just work, no? It did previously!
Anyone know how to troubleshoot? How would I check the routing tables in UTM B? Why are packets getting lost on their way from, say, 192.168.1.10 to 192.168.30.14?