
Sophos Firewall v18 AWS site-to-site VPN connected but no traffic PING SSH

Well, I have followed this step-by-step, exactly:

https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/125560/sophos-xg-firewall-v18-to-aws-vpn-gateway-ipsec-connection

...and while the VPN shows "UP" in both AWS and my Sophos VPN section, I cannot PING or SSH to my test EC2 instance. In the bottom screenshot you'll see I have PING and SSH allowed from anywhere (0.0.0.0/0). I've been at it for hours, first because I mistakenly followed the v17 how-to. Even with the v17 how-to, my VPN said it was up in AWS and the Sophos VPN section. Then I found v18 and thought for sure I would have success. No such luck.

At one point I got stuck at the part where I couldn't find my "xfrm" interface until I realized that little vertical blue line meant I could expand my WAN interface, thanks to THIS ARTICLE. Again, I thought for sure I would have success. No such luck again, and now I'm at a loss.

The only difference I've noticed between my setup and the setup in the link above is that in Step 9 and Step 10 I have "xfrm1", not "xfrm2".

Anyone know where I should start with troubleshooting?

  • Still the same. Disappointed -- I had to change the "Local ID type" from IP address back to the default "Select local ID" option because otherwise it was forcing me to enter an IP address in the "Local ID" field. Going to watch a few episodes of Ozark... my head hurts.
