HELLO GOOD AFTERNOON DO YOU KNOW WHY THE VPN CANNOT CONNECT AND I AM CHECKING THE RULE BUT THERE IS TRAFFIC
AND THIS IS THE RULE
This thread was automatically locked due to age.
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
HELLO GOOD AFTERNOON DO YOU KNOW WHY THE VPN CANNOT CONNECT AND I AM CHECKING THE RULE BUT THERE IS TRAFFIC
AND THIS IS THE RULE
1. You can use * instead of 192.168.1.2 under Remote gateway and make sure you upstream ISP router has forwarded IPSec VPN ports for 192.168.1.2.
Best practice is to use DDNS for a remote gateway
2. Configure local id type and remote-id type at both the end properly.
3. Try to update the firmware version to the latest Sophos Firewall v20 is Now Available
4.Please hide Public Static IP from above post screenshots
Regards
"Sophos Partner: Networkkings Pvt Ltd".
If a post solves your question please use the 'Verify Answer' button.
At this site where 192.168.1.2 is local there is likely a router in front with 192.168.1.1 (guess).
This router in front should either port forward all IPSEC ports to your firewall at 192.168.1.2 or it should forward all traffic to 192.168.1.2.
Then in that same site browse to a site like whatsmyip dot com to check the public IP-address for that site and enter this information on the remote site instead of 192.168.1.2 which you have configured now.
Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
Hi,
Thank you for reaching out to Sophos Community.
I've edited your reply and hidden the public IP.
Erick Jan
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
I suggest that , too: this site seems to have a router in front with that 192.168.1.0 /24 net as transfer network.
Easiest would be to find out, which public IP is given to that router and use that in your site-to-site definition.
This is in addition to what apijnappels already said
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.
I suggest that , too: this site seems to have a router in front with that 192.168.1.0 /24 net as transfer network.
Easiest would be to find out, which public IP is given to that router and use that in your site-to-site definition.
This is in addition to what apijnappels already said
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.