
IPSec Site to Site VPN Disconnection

Hello,

I have set up a site-to-site IPsec VPN between a Sophos XG (Responder) & a DrayTek (Initiator) router. Everything is working as it should apart from a disconnection every so often. I believe this has something to do with the re-key event that is stated in part 3 of the knowledge article below.

 Sophos Firewall: Best practice for site-to-site policy-based IPsec VPN 

I have kept the default key life settings on the XG (Phase 1 = 5400 & Phase 2 = 3600) and have copied them to the DrayTek's side. On the XG, I have disabled "Re-key Connection" & "Dead Peer Detection". Both XG and DrayTek are using AES256 SHA2256 for Phase 1 and Phase 2.

I have even changed the key life on the DrayTek's side to something different to test. But I'm still getting the same disconnection errors.

Disconnection error "Name-1 - IPSec Connection Name-1 between XXX.XX.XXX.XXX and XXX.XXX.XX.XXX for Child Name-1 terminated. (Remote: XXX.XX.XXX.XXX)"

Message ID = "17802"

Any ideas?

Thank you =)


