Hello all,
We have a problem with one of our software applications. We are using SFOS 19.5.0 GA-Build197. The software needs to connect to a remote server which is only available via site-to-site VPN. The connection is configured and is working (green…
Hello,
we have a Sophos FW, which has already a S2S Tunnel to a Site A with network 192.168.0.0/24
Is it possible to create another S2S VPN to a Site B with three hosts only, but they belong to the same network: 192.168.0.7, 192.168.0.9, 192.168.0…
Hello together, I am struggling with a strange problem. In my setup, an XG is supposed to send all internet traffic from a branch office through the central office. For this I have set up an IPsec site-to-site connection. For most of the internet traffic…
A customer of ours is using a Sophos Firewall to create IPSEC VPN tunnels to a remote 3rd party Data Center which has Fortinet installation i.e. the connections here are between Sophos and Fortinet. They have setup 3 IPSEC VPN connections between these…
Hello Community,
the setup guides and the IPsec settings for our XGS3100 Firewall confuse me.
I want to setup a IPsec Site-to-Site tunnel to connect to our Site in another city. Both sites have new XGS3100 Firewalls running SFOS 19.5.1.
The configuration…
Hi guys and girls,
I'd like to configure 2 IPsec VPN tunnels to Azure over 2 WAN links so that if a WAN link fails, it automatically fails over to the second IPsec tunnel. On the Azure side it would be configured to use BGP so that the routes are advertised…
I have configured Site to Site Vpn in Sophos and Microtik Firewall, But issue is i have not getting ping for the Sophos side but i am able to ping for Microtik side. its means i have ping for only one side not both. can are you suggest some tips for resolve…
We have an ipsec tunnel local subnet: 10.2.226.0/24 remote subnet: 10.227.0.0/16
the local_subnet was the NATted subnet of others subnets.
When the tunnel is up, no traffic to 10.227.0.0/16 In the strongswan.log, we can view the firewall don't want…
Dear All Sophos Expert Team,
How are you? Hope you are doing well,
A few days ago, I configured an IPSec tunnel between my Sophos XG firewall and my Mikrotik server located at a remote location. After configuring the IPSec tunnel, all of my network…
After extensive tracing of the traffic, what happens is that XG receives the packet, but it does not encapsulate it to send over the xfrm interface.
this is from the server side:
this is from the client side:
where you can see that IP packet…
Can anyone help me get my site to site up between a XGS116 and a Cisco ASA5506.
I am pretty sure its an issue with phase 2 as I can see the vpn on the cisco asdm vpn monitoring but it looks like its showing phase 1 but not phase 2. Also the sophos logs…
I have two branch offices running XGS107's and a head office running XG210. I also have another ipsec vpn to a sister agency that works fine. About 24 hours after I bring up the second branch office, the first one is dropped, says authentication failure…
I am working with a customer where we have IPSEC VPN created between Sophos and Fortinet. The network allowed from the Fortinet side and configured as "Remote Subnet" in the IPSEC VPN is 10.10.0.0/16. We also have some URL's configured and the DNS Host…
This is likely a unique situation, but I'm curious if anyone else has seen a similar configuration.
I have an IPSEC site to site VPN tunnel configured between two locations. At Site "A", all resources are on the same network and are configured to use…
Hello guys,
I have IPsec Tunnel Site-to-Site with this lans:
192.168.22.0/24
192.168.26.0/24
On the lan 26.0 i need to reach 1 machine and that machine got the ip 192.168.22.140. On diagnostic of firewall i can ping that machine but on CMD…
Is it possible to create a NAT policy so that it uses the IP address of port #1 (LAN Zone) of the remote device as the MASQ address?
We have a client with around 28 remote offices. They are all connected by IPSEC site-to-site but only office LANs are…
Hi to all Sophos Community,
I was wondering if you had any idea on this problem.
First time using Sophos firewalls, mostly working on them via Sophos Central Web Admin.
So I enabled IPSec VPNs, it does work with local created users.
Company asked…
Dear Experts, would like to seek your advise why the firewall XG135 failed to connect to domain controller (for SSL VPN Active Directory authentication) that was promoted in Azure.
The below is the setup of my network:
Network - Hybrid (Azure site…
Hello , Please I need help with this case
I have 2 Sites A and B
In Site A: I have Sophos XG With 2 Wan Link from different ISP Direct Connected to Sophos and one LAN port 192.186.1.101 connected to Lan Switch , All PCs in LAN have GW : 192.186…
Hi!
Our Site-to-Site VPN connections between various Sophos XG-firewalls are fairly stable but sometimes it happens that something gets stuck (e.g. connection is not established but does not reconnect until it is done manually even though DPD says to…
Hi,
so there is actually an issue open with the ipsec_acceleration. On XGS devices its not working as i stated on my last post: XGS 136: Connection issues from VPN to LAN when (unsubscribed) Web Filtering is set to 'None' in firewall rule
With the…
Hi there,
we have Tortoise SVN Repos on our Fileserver. No SVN Server but only SVN Repos on Filesystem.
When we checkout or commit on those Repos in our local net everything is fine and very fast.
When we try to check out in home office over Sophos…
Hello,
I have a Sophos XGS 2100 in the HQ and in the outher locations XGS116/126.
So on some of the XGS 126 i have a Problem with the Site to Site VPN.
In the Web-Gui the Firewall shows all connection green. both of the FWs
But i can not…
Hi all,
I'm in an HO with about ten BO. site to site ipsec connections are all based on ipsec policies with IKEv1.
I think IKEv2 is more secure
do I have to migrate for security reasons to the IKEv2 version If so, is it just changing the version…