Firewall behind ISP Router

ywillie 1 month ago

Is there a way to check if the ISP router doesn't supports IKE2 causing IKE2 IPSEC tunnel to fail.
A troubleshoot method or guide ?
This is to proof to Service Providers that the problem lies in their end and not firewall.

Added TAGs
[edited by: Raphael Alganes at 12:22 PM (GMT -7) on 22 Oct 2024]

Top Replies

Mayur Makvana 1 month ago +1 suggested

Hello, You may review the logs using below: support.sophos.com/.../KBA-000006520

Parents

0 dirkkotte 1 month ago

Hello,
what problem are you seeing? What does the connection look like in the GUI? What is in the log viewer under "VPN"
Are IKE packets arriving at the firewall (packet capture with filter "port 500")
How long has the problem been occurring?
Sophos recently made a change to IKE which can cause IPSec problems with third-party devices. (In our case, the Cisco ASA allowed IKE through, but not ESP data)
may be, IPSec is used on the ISP-router too ...?

Dirk

Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum Partner
Sophos Solution Partner since 2003
If a post solves your question, click the 'Verify Answer' link at this post.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 dirkkotte 1 month ago

Hello,
what problem are you seeing? What does the connection look like in the GUI? What is in the log viewer under "VPN"
Are IKE packets arriving at the firewall (packet capture with filter "port 500")
How long has the problem been occurring?
Sophos recently made a change to IKE which can cause IPSec problems with third-party devices. (In our case, the Cisco ASA allowed IKE through, but not ESP data)
may be, IPSec is used on the ISP-router too ...?

Dirk

Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum Partner
Sophos Solution Partner since 2003
If a post solves your question, click the 'Verify Answer' link at this post.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data