Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 38 subscribers
  • Views 1335 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XGS2100 with SFOS 20 GA - blocks UDP 500/4500 from WiFI2WAN or from LAN2WAN

juergenb52

Now the XGS2100 HA Cluster (SFOS 20 GA) also suffers from the same problem
as the XG125 Rev.3 (SFOS20 MR2) and the XG115w Rev.3 SFOS20 MR2).

The firewalls start blocking UDP traffic on port 500/4500 for no apparent reason.

It seems to me that faulty updates, hotfixes or signature updates are being rolled out here.

I don't want to hope that the XGS2100 will also die in a few days.

There is also a case ID 01881909

The XGS2100 cluster has been running stably for several months, no rule changes have been made.



This thread was automatically locked due to age.
Parents
  • 0

    Hello Juergen,

    Thank you for contacting the Sophos Community.

    As per your last interaction with support, no drops seem to be seen in the firewall.

    The test user can connect after creating an SDWAN with the specific source and destination of the Primary ISP port.

    After this the Wifi network was added to the SDWAN rule.

    You will be checking with your ISP.

    We will continue to monitor the case.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    The ISP providers had checked the routers and restarted them, but the problem was still there.

    Only a reboot of the XGS HA cluster put an end to the problem
    and the routing of the VPN packets was working properly again in the head office.

Reply Children
No Data
Unfiltered HTML