I can't make sense of this issue. Any help / ideas would be much appreciated because I feel like I'm taking crazy pills <insert Mugatu>
I have the following setup:
XGS 2100 Site 1 (Latest Firmware)
SG 115 Site 2
The sites are connected via IPSEC and I have servers at both sites and I can transfer files and ping with no issues.
A RED 60 at the user's home is connected to the XGS. It can ping and browse / transfer files at site 1 and 2. If the user pings anything at site 2, the RED drops and loses connection completely. I can see this in the VPN logs as RED disconnecting and reconnecting.
TLDR: Ping / ICMP traffic to remote subnet causes RED to reboot but browse and file transfer works fine?!
Only thing I can think of is that the ISP has provided a /31 address.
Does anyone have an XGS with a /31 connection and is also using REDs?
There was an old issue which sounds like this problem, which is odd, as I expect it to be fixed.
Try to disable the firewall-acceleration via CLI.
Also, check the issue with the below commands:
console> system ipsec-acceleration show
console> system ipsec-acceleration disable
"Sophos Partner: Infrassist Technologies Pvt Ltd".
If a post solves your question please use the 'Verify Answer' button.
Thanks for your time Lucar and Bharat. Disabling ipsec-acceleration has fixed the problem. Is this a bug Sophos need to look into?
Hmm, I'm running SFOS 19.0.1 MR-1-Build365
Is SG 115 Site 2 a Sophos UTM?
Yes, that's on 9.711-5
How long has the RED 60 tunnel been working?
To find the root cause of the issue, troubleshooting is required by debugging logs with the Sophos Support Team.
red.log syslog.log networkd.log
Might RED require RMA as per the logs observed?
Thanks and Regards
This setup is new and the hardware RED 60 is new, I replicated the issue with another new RED 60 so I don't think it's the RED hardware.
I was wondering if anyone has a firewall with a /31 subnet and connected REDs successfully? (I have another site with an XGS firewall and REDs on a /29 subnet with no issues.) I'll have a look through the logs above and see what I can find.
Hi Craig O'Hanlon
Please share the current firmware version running on Sophos XG under System --> Administration --> Backup and Firmware --> Firmware
SFOS 19.0.1 MR-1-Build365
craig A said: I was wondering if anyone has a firewall with a /31
Is it configured on Alias IP under Configure --> Network --> Interface?
No Alias setup, it's a Static IP4 Physical Interface with gateway.
craig A said: I'll have a look through the logs above and see what i can find.
Sure, it would be great if you raised the case with the Sophos Support Team to investigate the issue further.