Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 41 subscribers
  • Views 2150 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MS Azure - IPSec Tunnel (S2S) with BGP Routing

CyberEagle

So I have borrowed the subject line from another post that was not answered in hopes that someone has some new information.  Here is my setup.  Changed IP for discussion.

HQ (Sophos XG 450) 1.1.2.1 >> IPSEC >> Azure Region A 1.2.2.1 >> Azure Peering >> Azure Region B 1.3.2.1

1. Region A to HQ using Sophos XG 450 and Azure site-to-site IPSEC - Connected and Working

2. Azure peering from Azure Region A to Azure Region B - Connected and Working

3. I CAN ping Region A from HQ.

4. I CANT ping Region B from HQ.

5. I CAN ping Region B from Region A.

I am thinking I need to setup BGP and I have this setup on Azure but I can't find any documentation on how to set this up from Sophos XG to Azure IPSEC anywhere.

Any assistance is greatly appreciated.



This thread was automatically locked due to age.
Parents
  • 0

    You need to add routing tables to your VNET Peers to get it working. My guess is that is missing.

     

    Add the HG network to a static route in your VNet peers and that should do it. As long as you have the B network in the tunnel in the XG as well.

     

    //Rickard

Reply
  • 0

    You need to add routing tables to your VNET Peers to get it working. My guess is that is missing.

     

    Add the HG network to a static route in your VNet peers and that should do it. As long as you have the B network in the tunnel in the XG as well.

     

    //Rickard

Children
Unfiltered HTML