Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec Tunnel modification - tunnels is always disconnected afterwards

XG or XGS with SFOS 19.0.1 is IPSec Site-to-Site Tunnel initiator. The other side is responder.


Whenever I change the IPSec connection e.g. add a host or network object, change something in the securitysettings, the tunnel will terminate and not recover itself. It becomes "red".

Of course I change it on both sides - first on the XG as initiator so I do not cut off my management connection to the machine, then on the responder.

I need to connect to the remote site over backdoors or Sophos Central and re-activate the tunnel.

Why can't the machine do this itself after the change of the tunnel. It's totally senseless to me that is just fails and then sits in that failed state until an admin manually comes remote and click on the connect button.

This issue is known to me since I manage XG (SFOS 17.5) and nothing new.

Are there plans to change this?

This thread was automatically locked due to age.
Parents Reply Children
No Data