
Vendor router/IPsec tunnel on /29 routed subnet behind /30 Sophos XG. Tunnel disconnecting.

Summary:

AT&T provides us a /30 for our equipment and a /29 routed subnet. We are currently using several of these addresses as Alias NAT'd for hosted services. We have a vendor who wants to establish a VPN tunnel to their remote site via a Cisco 4300 router using one of the /28.

What I have done:

I created a LAN interface using an available 12.56.56.1/28 address, and the vendor router is configured on a different 12.56.56.3/28, using the interface 12.56.56.2/28 as the gateway.

An Any/Any firewall rule is in place, and a static route 12.56.56.3/32 via the 12.56.56.1/28 interface. Traffic is flowing: I can ping the 12.56.56.3/28 of the router from outside, and they can establish the VPN tunnel. All good, or so I thought.

The Problem:

The issue: intermittently, the VPN tunnel goes down on the vendor equipment.

Anyone who could offer some guidance would be greatly appreciated. 

*I thought maybe a bridge interface in some configuration would be better; however, we have a number of SD-WAN tunnels and Alias addresses NAT'd that I would rather not have to rebuild just to test something.


