
IPSec VPN Tunnel remote connectivity issues

Hello,

I am having a strange problem with site-to-site IPsec VPN connectivity: some users, or some IP addresses, are unable to ping or connect to the remote site addresses.

I am sharing the packet capture logs:

2022-06-29 16:50:41  Port4.17 Port1  IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  139  Forwarded
2022-06-29 16:50:41  ipsec0          IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  0    Incoming
2022-06-29 16:50:41  Port1 ipsec0    IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:50:41  Port1           IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  0    Incoming
2022-06-29 16:50:40  Port4.17 Port1  IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  139  Forwarded
2022-06-29 16:50:40  ipsec0          IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  0    Incoming
2022-06-29 16:50:40  Port1 ipsec0    IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:50:40  Port1           IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  0    Incoming
2022-06-29 16:50:39  Port4.17 Port1  IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  139  Forwarded
2022-06-29 16:50:39  ipsec0          IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  0    Incoming
2022-06-29 16:50:39  Port1 ipsec0    IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:50:39  Port1           IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  0    Incoming
2022-06-29 16:50:38  Port4.17 Port1  IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  139  Forwarded
2022-06-29 16:50:38  ipsec0          IPv4  192.168.129.129  192.168.50.211   ICMP  --  0  0    Incoming
2022-06-29 16:50:38  Port1 ipsec0    IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:50:38  Port1           IPv4  192.168.50.211   192.168.129.129  ICMP  --  0  0    Incoming
2022-06-29 16:50:12  Port1 ipsec0    IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:50:12  Port1           IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  0    Incoming
2022-06-29 16:50:07  Port1 ipsec0    IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:50:07  Port1           IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  0    Incoming
2022-06-29 16:50:02  Port1 ipsec0    IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:50:02  Port1           IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  0    Incoming
2022-06-29 16:49:57  Port1 ipsec0    IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  139  Forwarded
2022-06-29 16:49:57  Port1           IPv4  192.168.51.94    192.168.129.129  ICMP  --  0  0    Incoming

A server located on site B with the IP address 192.168.129.129 is accessible from site A IP address 192.168.50.211 but not from 192.168.51.94. Can someone help me with what the issue is here?

Site A subnet is 192.168.128.0/21
Site B subnet is 192.168.48.0/22

Let me know if any additional info is required.

BR.

Abdul Basit



This thread was automatically locked due to age.
  • Hi Abdul Basit6

    As per the logs, traffic is getting forwarded over the IPsec VPN.

    Please check if you are getting any drops while reaching the destination IP:

    console> drop-packet-capture 'host <destination IP>'

    console> tcpdump 'proto 50 or 51'

    If both sites have Sophos XG connected via IPSec VPN, you can troubleshoot the issue by creating firewall rules from LAN to VPN and VPN to LAN, keeping the rules on top on both Sophos XG devices, and enabling ping from System --> Administration --> Device Access on the VPN and LAN zones.

    Thanks and Regards 

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.
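
Added example, not part of the original thread: a Python check that reads capture records like the ones in the question (a subset is re-typed here, one record per line), lists flows that were forwarded into ipsec0 but for which no packet was captured arriving from ipsec0, and reports which of the stated subnets each address falls in. It assumes that when a record lists two interfaces the first is inbound and the second outbound; the function names are this example's own.

```python
import ipaddress

# Records re-typed from the capture in the question, one per line (subset).
CAPTURE = """\
2022-06-29 16:50:41 Port4.17 Port1 IPv4 192.168.129.129 192.168.50.211 ICMP -- 0 139 Forwarded
2022-06-29 16:50:41 ipsec0 IPv4 192.168.129.129 192.168.50.211 ICMP -- 0 0 Incoming
2022-06-29 16:50:41 Port1 ipsec0 IPv4 192.168.50.211 192.168.129.129 ICMP -- 0 139 Forwarded
2022-06-29 16:50:41 Port1 IPv4 192.168.50.211 192.168.129.129 ICMP -- 0 0 Incoming
2022-06-29 16:50:12 Port1 ipsec0 IPv4 192.168.51.94 192.168.129.129 ICMP -- 0 139 Forwarded
2022-06-29 16:50:12 Port1 IPv4 192.168.51.94 192.168.129.129 ICMP -- 0 0 Incoming
"""

# Subnets exactly as stated in the question.
STATED = [ipaddress.ip_network("192.168.128.0/21"),
          ipaddress.ip_network("192.168.48.0/22")]


def parse(text):
    """Yield (interfaces, src, dst, status); interfaces are the fields before 'IPv4'."""
    for line in text.splitlines():
        f = line.split()
        if "IPv4" in f:
            i = f.index("IPv4")
            yield f[2:i], f[i + 1], f[i + 2], f[-1]


def one_way_flows(text, tunnel="ipsec0"):
    """(src, dst) pairs forwarded into the tunnel with nothing captured coming back."""
    sent, returned = set(), set()
    for ifaces, src, dst, status in parse(text):
        # Assumption: with two interfaces listed, the first is inbound, the second outbound.
        if len(ifaces) == 2 and ifaces[1] == tunnel and status == "Forwarded":
            sent.add((src, dst))
        elif ifaces and ifaces[0] == tunnel:
            returned.add((src, dst))  # packet arrived from the tunnel
    return sorted(p for p in sent if (p[1], p[0]) not in returned)


def stated_subnet(ip):
    """Return the stated subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    return next((str(n) for n in STATED if addr in n), None)


if __name__ == "__main__":
    for src, dst in one_way_flows(CAPTURE):
        print(f"no return traffic captured: {src} ({stated_subnet(src)}) -> "
              f"{dst} ({stated_subnet(dst)})")
```

On these records the only one-way flow is 192.168.51.94 to 192.168.129.129, and both source hosts fall in the same stated subnet 192.168.48.0/22, so the subnet definition alone does not explain the difference. The capture only shows that no reply for that host arrived from the tunnel on this firewall, not where the reply was lost.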
