This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos RED-60 traffic not reaching destination

I have a customer using Sophos Firewalls in their environment. They have XGS87 at the branches with Broadband and P2P links. The IPSEC VPN disconnects too many times hence we decided to establish a RED connection and it worked really well on one site. However, on the next site the traffic from the branch firewall shows as being forwarded in the RED tunnel but it never showcases the same on the HO Firewall. Not a single packet from the branch PC is shown on the HO Firewall.

Here is the scenario:

HO FW - Broadband + RF

Branch FW - Broadband + RF

Routes configured on both sides for both RED and RF links with RED as distance 0 and RF as 1

The configuration is identical to the other site (except IP addressing).

This thread was automatically locked due to age.

0 Erick Jan over 1 year ago
Hi Mayuresh.

Thank you for reaching out to Sophos Community.

To verify if traffic isn’t passing through the Tunnel.

Recheck if the configuration is correct and does not overlap any other network.

Do a TCPdump on port 3410on Sophos Firewall Public IP to check if the Firewall can receive packets on UDP 3410 from the RED device.

Capture packet, tcpdump,conntrack and drppkt while generating test traffic inside the RED Tunnel

For reference, you may check the following

Sophos Firewall: RED (Remote Ethernet Device) technical training guide

Packet Capture

How to TCPDump

CLI Troubleshooting Tools
Erick Jan
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel