Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 39 subscribers
  • Views 8691 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Where / how can i make a bug report?

thausmann

With current XG85 firmware a working IPsec connection between XG and UTM is only possible with the Branchoffice IPSEC vpn policy on the XG. With every other IPsec policy the connection may come up but no traffic can cross the tunnel!



This thread was automatically locked due to age.
Parents
  • 0
    Thausmann,

    try to better explain what is your issue and to post some screenshot even on forum and someone from Sophos will reply you back. If a bug exists, they will let you and us know.

    Luk
  • 0 in reply to lferrara

    Hello,

    I got the the solution for my problem from the answer shown below. There is the problem well described. On an IPsec connection only traffic passes the tunnel if you use the Branchoffice IPsec policy with the exact shown configuration on the XG85. Every other IPsec policy setting results in the behavior that no traffic can pass the tunnel. This is definitly a bug I will say. This costs me 3 days of unnecessary work!

    Thilo

    ..........................................

    Blao

    Replied: 6 Dec 2015 10:42 AM Like

    In reply to thausmann:

    I also have this problem on the XG85 and i discoverd its because of the IPSEC policy.

    If you use the Branchoffice IPSEC vpn policy on the XG.

    And use the following policy on the Sophos UTM:

    /cfs-file/__key/communityserver-discussions-components-files/46/4201.SophosUTM_5F00_XG_5F00_POLICY.PNG

    I can ping though the VPN.

    As soon as i change on both sides one setting on this policy the vpn will get up but does not allow any traffic through. (Like: IKE encryption both sides to AES 192)

    .................................................

Reply
  • 0 in reply to lferrara

    Hello,

    I got the the solution for my problem from the answer shown below. There is the problem well described. On an IPsec connection only traffic passes the tunnel if you use the Branchoffice IPsec policy with the exact shown configuration on the XG85. Every other IPsec policy setting results in the behavior that no traffic can pass the tunnel. This is definitly a bug I will say. This costs me 3 days of unnecessary work!

    Thilo

    ..........................................

    Blao

    Replied: 6 Dec 2015 10:42 AM Like

    In reply to thausmann:

    I also have this problem on the XG85 and i discoverd its because of the IPSEC policy.

    If you use the Branchoffice IPSEC vpn policy on the XG.

    And use the following policy on the Sophos UTM:

    /cfs-file/__key/communityserver-discussions-components-files/46/4201.SophosUTM_5F00_XG_5F00_POLICY.PNG

    I can ping though the VPN.

    As soon as i change on both sides one setting on this policy the vpn will get up but does not allow any traffic through. (Like: IKE encryption both sides to AES 192)

    .................................................

Children
No Data
Unfiltered HTML