Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 40 subscribers
  • Views 636 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec XG Initiate Site-to-Site with UTM

n33dfull

Hi,

is it possible to configure a site-to-Site IPSec-Tunnel between an.

 

XG 17.5.10  as Initiator with Public IP

 

and a UTM 9.5 with Public IP in only Answering mode.

 

If yes please share, IPSec Policys.

 

Problem is, on the XG Site we have 2 WAN Uplinks and we want to use Failover Groups(i thought we can only use these as initiator).

The Failover group in the UTM won't work correctly and I'm unable to access the UTM because it's a subcompany.

 

Regards

n33dfull



This thread was automatically locked due to age.
  • +1

    XG should be able to be a Respond Only Failover Group.

    It will try to terminate the session and listen to the other Interface, in case WAN1 is down. 

    Try to configure both tunnels with the same configuration.

    Verify, the Tunnel is up with one Tunnel only active. If so, configure the second interface with the same configuration.

     

    Use the SG Mechanism to configure the IPsec Failover on UTM site. 

    https://community.sophos.com/kb/en-us/118975

    __________________________________________________________________________________________________________________

Unfiltered HTML