IPsec Site-to-Site VPN certain VLAN can't reach remote subnet

Hi everyone,

We have an IPsec site-to-site VPN connection between our Sophos and Fortigate devices. Currently, both the gateway and tunnel are UP and functioning properly. VLAN 10 and VLAN 20 are included in the local subnet configuration on the Sophos side. While VLAN 10 can successfully reach the remote subnet, VLAN 20 cannot.

Upon further investigation, I noticed that in the packet capture, connection attempts from VLAN 20 to the remote subnet are showing as "UNREPLIED."

Also note that the traffic traverses the ipsec0 tunnel.

I have double-checked, and VLAN 20 is included in the local subnet on the Sophos side, as well as in the firewall rules and policies. Any ideas why VLAN 20 isn't able to reach the remote subnet despite everything appearing to be configured correctly?

Thanks in advance for any advice!



Added TAGs
[edited by: Raphael Alganes at 9:05 AM (GMT -7) on 18 Oct 2024]