We have several site-to-site VPN tunnels to Microsoft Azure. We recently installed a Sophos XG firewall, and have had problems with the VPN tunnels ever since. The tunnels will perform fine for a while, but 2-3 times per day, the throughput will slow to a crawl. We are unable to use RDP or SQL through the tunnels until I manually disconnect / reconnect the tunnel.
I am hoping that someone here has had a similar problem and knows how to fix it. Sophos support has been unable to resolve the problem, and the ticket is still open. I've attached screenshots of the relevant settings on the firewall.
Please help. This is extremely annoying and is wasting my developers' time as they have to stop what they are doing and get someone to reset the tunnel.
I've failed over to the secondary Sophos XG unit (we have two in an HA configuration), and the tunnel stability has improved. If this trend continues for a few days, I think we may have a defective unit and I will start an RMA.
In reply to Bryan Gritton:
The tunnel has been failing on the secondary unit. Whatever is wrong here is happening on both firewalls.
You should enable Re Keying.
In reply to LuCar Toni:
Per Sophos documentation, re-keying should be disabled. https://community.sophos.com/kb/en-us/127546#Configure%20Sophos%20XG%20Firewall