
RED-RED Tunnel with XG 17.5.14-1 and XG 18.0.4 no Data passing tunnel

Hi,

I have a critical case with a RED60 losing ARP / DHCP and no traffic, so I tried and I would like to use two Sophos Firewalls during debugging.

So I have an XG 17.5.14-1 and an XG 18.0.4, both with public IPs and with a RED-RED tunnel config from this URL: https://support.sophos.com/support/s/article/KB-000036362?language=en_US

The tunnel is up and I have rules on both firewalls allowing traffic from LAN/ANY to LAN/ANY for all Services.

I can see data in tcpdumps on the Head Office.

I have static rules in both locations, but data is not passing the firewalls at all.

Can this be a problem of XG 17/18 or a setup problem?

Head Office 192.168.0.0/24, Gateway 192.168.0.254, reds IF 192.168.0.239, (Public IP on PortE1 (Static) and PortE5 (DHCP/VDSL))

Branch Office 192.168.30.0/24, Gateway 192.168.30.254, red IF 192.168.30.239, Public IP on PortE1 (static)

RED in Head Office

Routing at Head Office

Routing in Branch Office

Firewall at Head Office



This thread was automatically locked due to age.
  • Hi: As per your information, you are getting packets in TCPDUMP at HO. Are you observing any dropped packets on the HO XG during the issue time? Also, if you try to PING the RED interface IP at the same time from the device behind the RED, what do you observe in TCPDUMP and in dropped packets on the HO XG?

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support


  • Hi Vishal,

    I am not sure if my setup is OK. I tried to get this working with the XG 17.5 or 18.0 documentation.
    But the documentation is talking about options that are not available in the GUI for the RED Server Interface.

    And it doesn't explain the use of the RED Interface Network.
    Currently I think the RED Interface is a network that will be used in both XG Server for communication.
    And that I can use a private LAN...

    I found an Egyptian YouTube video by Next Era, but not in English.
    Is there any YouTube from Sophos explaining the use of site-to-site RED tunnels?

    Thanks

    Jürgen