Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 37 subscribers
  • Views 1541 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site-to-site (XG to XG) tunnel interface breaks during dynamic IP change

njabi

Hi folks,

Running an XG in my office I succesfully set up a RBVPN through tunnel interface between this XG and another XG in my branch offic
The office running with a static public IP while the branch office has a dynamic public IP changing every night.
The branch office's tunnel interface is set to 'initiate connection' and tunnel interface on headquarter site is 'respond only'.
Furtheron the Gateways adress on headquarter site is set to a DDNS provider.

The case here is, that after changing the IP during dyn-IP process in the night, the tunnel seems to get inconstident!
VPN IPsec connection tab tells me 'Active - green' and 'Connection - green' but no traffic is submitted.

Workaround so far - reconnect the tunnel and all works fine until next dyn-IP change.



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to FormerMember

    Good day - for sure it kept changing and will in the future, since it is a dynamic ip-adress by ISP.
    IMO the responder should know whether the connection is down due to ip change, but connection kept stable after that and traffic is not going through.

Children
No Data
Unfiltered HTML