Hey guys.
I'm investigating a problem and would like to know about your experience.
My Sophos on version 18.0.4 with a site-to-site IPsec VPN has constant drops in the UDP protocol in this VPN's communications. The VPN link is OK, with no packet loss.
I'm noticing that I have drops only in the UDP protocol.
FW rules are the most permissive at the moment.
What could it be and how could I investigate further?
Hi Gib GoDesk,
Thank you for reaching out to the Community!
Do you have UDP flood protection configured on your firewall? Where do you see the UDP traffic drops? Could you please share more details?
Thanks,
Thanks for your time.
I don't have this protection enabled in my DOS settings.
I couldn't identify reset connections in packet capture. I'm analyzing.
I know it's something related to IPsec, because services like SIP, RADIUS and RDP, which use the UDP protocol, have constant connection failures. This happens only on the IPsec VPN.
I'll try to make some evidence as soon as I get some result in the capture. If you know another way to show what I'm looking for, I appreciate the tip.
But any experience with this type of problem with IPsec will help me a lot.
Hi Gib GoDesk,
I'd suggest following the instructions in the following KBA to see if it helps:
The following command will help with the UDP traffic if you have unstable IPsec VPN connections:
set vpn conn-remove-tunnel-up disable
Thanks,
I have the same issue with UDP connections over an IPsec tunnel. In my case it is an RDP connection; every few minutes the connection hangs for a few seconds.
Now we have switched to a RED tunnel and the RDP connection works as expected.
For this issue I have opened a Support case,...
The "set vpn conn-remove-tunnel-up disable" didn't solve the problem.
If a post solves your question please use the 'Verify Answer' button.
Thank you Gentlemen for your time.
Sorry for the lack of feedback. I had to take a break from work.
I didn't find the problem, but I solved it by redoing the IPsec connection.