This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec Connection down

I am configuring some IPsec vpn between my client's main office and 10 branch offices.
In the main office I installed a Sophos xgs116 (SFOS 19.0.1 MR-1-Build365) to replace an old Zyxel Usg 300 and in the peripheral offices there are 8 Sophos XG85 (SFOS 17.5.17 MR-17-Build837) and 2 Fritzbox.
In another peripheral location there is an SD-RED 20

The main office has a public static IP while the branch offices have no public IP.

It was easy to configure the vpn tunnels using the default profiles DefaultHeadOffice and DefaultBranchOffice using a different Preshared key for each tunnel. VPNs go up fast and work fine for a few hours then inexplicably go down.

The only way I have found to put them back on their feet is to change the preshared key used for the tunnel; it is a situation that is not possible to manage in this way, also because the vpn between the sophos of the peripheral offices and the old zyxel worked well.

What can I check to try to solve this problem? Do you have any suggestions?
Thank you

This thread was automatically locked due to age.
Parents Reply
  • I show you the VPN configuration between the main office (HO_1) and one of the secondary offices (BO_1). The configuration is the same for the other secondary offices where the Sophos XG85 is located.
    At this moment the vpn connection is established correctly but I encounter two problems:
    1) if the VPN falls it does not go up; I am forced to change the Preshared key to manually re-establish the Tunnel
    2) if I change the authentication method from Preshared key to RSA key
    on the secondary office device I cannot activate the connection and I receive the error previously reported ("All the connections shared between end points must have the same authentication methods and credentials")