Problem with my SOPHOS IPSec Site to Site VPN Tunnels

Question

Hi to all SOPHOS Support, 
 
 Good day. 
 
 I am having a very weird issue with my VPN connection. From Site A (SOPHOS) to Site B (FORTINET) my VPN is in green mode and working. The problem all my PC from SITE B can ping and connect to SITE A. But SITE A computers cannot connect to SITE B. They cannot do ping, cannot see shared folders. But the VPN connection in VPN is in color green. I tried to restart the VPN still the same. Does anyone have any idea on how to fix this problem?

I tried to disable firewall policies still no go. 
 Any help will be greatly appreciated. 
 Thanks 
 
 Rodney

LuCar Toni · Answer

Changing the route precedence will only affect new connections. So it could cause a downtime, if the new connection uses a wrong route but should not affect existing connections.

emmosophos · Answer

Hello Rodney, 
 Thank you for contacting the Sophos Community. 
 I would recommend you to check if the packets destined to Site B are going to the IPsec tunnel using the GUI Packet Capture . 
 Also make sure you don't have overlapping networks on your end that match the Remote Subnets of Site B. 
 Try also checking if you have any conflicting static route or SD-WAN and if the VPN routes have precedence. (For this last step you need to SSH into the XG and press 5>4 in the Main Menu to land in the Console) 
 console> system route_precedence show 
 Regards,

Problem with my SOPHOS IPSec Site to Site VPN Tunnels

Top Replies