This discussion has been locked.

AWS IPsec Traffic Stops

Hi,

We have 8 sites connecting to AWS via IPsec VPN. Every now and then, at one of the sites, the traffic flow stops and AWS alerts us to this through CloudWatch. Traffic stops flowing through the VPN, but Sophos says it is still connected. Only one site will have the issue; the others are fine. The only way to resolve this is to deactivate and reactivate the VPN in Sophos. We have attempted to resolve this by pinging the Sophos firewall on a regular basis from AWS, but the problem still persists. I thought Dead Peer Detection would detect this, but it doesn't.

Can anyone suggest how to prevent this from happening?

Thanks,

Max



  • FormerMember

    Hi,

    Thank you for reaching out to Sophos Community.

    Could you please post a snapshot of 'Key negotiation tries' and 'Dead Peer Detection' from both ends, along with their gateway type (initiate the connection/respond only)?

    Are you able to see any child SA termination events in the log viewer at the time of the incident?

    Logviewer > System > Apply filter with Value: IPsec

  • Hi,

    Key negotiation tries are set to 0. DPD below:

    I found the following in the logs at that time:

    SYSTEM  2021-04-23 16:44:49  IPSec  Deny  received IKE message with invalid SPI (79BAFE18) from other side  18050

    Cheers,

    Max
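The log line Max quotes is the useful evidence here: DPD only probes the IKE SA, so when one side has dropped a child (ESP) SA while the IKE SA is still alive, the tunnel looks "connected" and the only trace is a stream of "invalid SPI" denies for the stale SPI. The following script is an added example written for this thread; it is not code from Sophos or from any poster. It parses log-viewer records in the tab-separated column order shown above (an assumption about the export format; real exports may carry extra columns) and flags an SPI when it produces a sustained burst of invalid-SPI denies, which is the condition under which a practitioner would want to bounce that tunnel automatically rather than wait for a CloudWatch alert. The sample log is constructed; only the 16:44:49 message is taken from the thread.

```python
"""Flag a desynchronised IPsec child SA from Sophos log-viewer records.

Signature looked for: repeated 'received IKE message with invalid SPI (...)'
denies for the same SPI inside a short window.  One stray message (a late
packet around a normal rekey) is ignored; a sustained stream is reported.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Message text as quoted in the thread; the SPI is the hex value in brackets.
INVALID_SPI_RE = re.compile(
    r"received IKE message with invalid SPI \(([0-9A-Fa-f]+)\) from other side"
)

# Assumed column order for a tab-separated log-viewer record, matching the
# six values shown in the thread.  Real exports may differ; adjust here.
FIELDS = ("source", "timestamp", "component", "action", "message", "msg_id")
TS_FORMAT = "%Y-%m-%d %H:%M:%S"

# Constructed sample input.  Only the 16:44:49 line comes from the thread;
# the others are fabricated to show a burst for one SPI and a lone message
# for another.
SAMPLE_LOG = (
    "SYSTEM\t2021-04-23 16:40:02\tIPSec\tAllow\tsample non-matching record\t18010\n"
    "SYSTEM\t2021-04-23 16:44:49\tIPSec\tDeny\treceived IKE message with invalid SPI (79BAFE18) from other side\t18050\n"
    "SYSTEM\t2021-04-23 16:45:19\tIPSec\tDeny\treceived IKE message with invalid SPI (79BAFE18) from other side\t18050\n"
    "SYSTEM\t2021-04-23 16:45:49\tIPSec\tDeny\treceived IKE message with invalid SPI (79BAFE18) from other side\t18050\n"
    "SYSTEM\t2021-04-23 16:46:19\tIPSec\tDeny\treceived IKE message with invalid SPI (79BAFE18) from other side\t18050\n"
    "SYSTEM\t2021-04-23 17:10:00\tIPSec\tDeny\treceived IKE message with invalid SPI (C0FFEE01) from other side\t18050\n"
)


def parse_record(line):
    """Split one tab-separated record into a dict, or None if malformed."""
    parts = line.rstrip("\n").split("\t")
    if len(parts) < len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        rec["timestamp"] = datetime.strptime(rec["timestamp"], TS_FORMAT)
    except ValueError:
        return None
    return rec


def invalid_spi_events(lines):
    """Yield (timestamp, spi) for every IPsec deny carrying the invalid-SPI text."""
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue
        if rec["component"].lower() != "ipsec" or rec["action"] != "Deny":
            continue
        m = INVALID_SPI_RE.search(rec["message"])
        if m:
            yield rec["timestamp"], m.group(1).upper()


def stale_sa_alerts(lines, window=timedelta(minutes=5), threshold=3):
    """Return {spi: (total_count, first_seen, last_seen)} for each SPI that
    logged at least `threshold` invalid-SPI denies within any sliding `window`."""
    by_spi = defaultdict(list)
    for ts, spi in invalid_spi_events(lines):
        by_spi[spi].append(ts)

    alerts = {}
    for spi, stamps in by_spi.items():
        stamps.sort()
        start = 0
        for end in range(len(stamps)):
            # Shrink the window from the left until it spans <= `window`.
            while stamps[end] - stamps[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts[spi] = (len(stamps), stamps[0], stamps[-1])
                break
    return alerts


if __name__ == "__main__":
    for spi, (count, first, last) in stale_sa_alerts(SAMPLE_LOG.splitlines()).items():
        print(f"stale child SA suspected: SPI {spi}, {count} denies between {first} and {last}")
```

On the sample input the script reports only SPI 79BAFE18 (four denies in under two minutes); the single C0FFEE01 message stays below the threshold. Feeding it the real log-viewer export, or syslog forwarded from the firewall, gives a trigger that fires on the actual failure rather than on the absence of traffic, which is what DPD and the periodic ping from AWS both miss.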
