IPSec Problem
Hallo Zusammen,
ich kürzlich auf meinen beiden Sophos UTM 9 bei einem Tunnel folgende Fehlermeldungen:
2023:01:04-13:28:33 vpn-2 pluto[12183]: "S_REF_XXXXXX"[190] XX.XX.XX.XX #233353: Quick Mode I1 message is unacceptable because it uses a previously…
gelöschte Objekte endgültig entfernen
Hallo Community,
auf einer Sophos UTM 9.711-5 habe ich das Problem, dass gelöschte Objekte scheinbar doch nicht endgültig gelöscht werden, sondern unsichtbar weiter existieren.
Hintergrund ist, dass wir bei einem alten Kunden eine Site-to-Site VPN…
VLAN über IPsec Tunnel erreichbar machen
Hallo,
ich hatte vorhin ein Thema zum Vlans über RED-Tunnel routen, leider gab es keine Antworten und Gespräche mit mehreren Experten führten auch nur zu Fragezeichen
Ich habe nun also noch mal das IPsec angeschaut und eine Problemanalyse betrieben…
RED-60 endless booting sequence (System/Router)
Hello, I try to setup a brand new SD-RED-60 but facing endless error leds loop. On local site (192.168.1.0/24), Sophos SG125 configuration :
On distant site (192.168.0.0/24), the RED-60 boots the following sequence : - System led blinking green…
VPN tunnel between UTM and USG issue
Hello guys,
Trying to get a IPSec tunnel between our HO UTM and a USG we got for testing. Currently have it on my home network, seeing if I can get a IPSec tunnel going.
In logs, I keep getting: "MyWANIP" :500: ignoring informational payload, type…
Amazon VPC Site-To-Site tuning / filtering
Hi everyone,
We have two sites running UTMs that have an OSPF connection to each other over private link. They also have AWS VPC site-to-sites to the same VPC instance.
AWS VPC
| |
Office 1 - Office 2
Is there a best practice advised for how…
IPSec Site-to-Site VPN between Barracuda Firewall and SophosUTM = SophosUTM dropping ESP Packets - No Traffic going through the Tunnel
Dear all,
I have a serious problem with a VPN-Tunnel between a SophosUTM and a Barracuda CloudGen Firewall.
The Tunnel is established but I cant access anything from the other Site. When I run a ping I continuously see that ESP Packets between…
Configure interface for ICS
Hello,
We recently had to move buildings quickly and as a result our ISP isn’t in place yet. As a work around we’re using hotspot to a windows 7 box, configured ICS and then sharing that connection to the clients and VPN to connect to resources. However…
Route specific external IP-Address (Backend) on SIDE-A over IPSec-VPN and reach it with the Static-IP from SIDE-B
Hi all, hope you can help me, because i investierte some time in the configuration without solving the issue.
Whats the problem?
i must reach a specific external IP-Address from SIDE-A over the IPSec-VPN with the static-IP from SIDE-B
<SIDE-A…
Problems VPN Site to Site.
Hi. Can you help me with this problem that appears in VPN configuration:
2018:01:23-17:04:57 shopos_amazon pluto[7027]: packet from xxx.xxx.xxx.xxx:500: Quick Mode message is for a non-existent (expired?) ISAKMP SA 2018:01:23-17:05:23 shopos_amazon…
iview ssl site to site
Hi there, Small question, i've got two sites connected by SSLVPN Site to Site. All fine. Though, on remote site (client site) if i configure the remote log server (iView system on main site), the IP used by the remote UTM in order to push logs to the…
Routing over VPN issue
Hi,
I have the same Problem like in this Thread. But the Workaround posted there with a lower metric is not working for me:
https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/95873/issue-modifying…
When (if ever) will UTM support IKEv2?
Hi all,
We use Sophos UTM V9 for a lot of things and have always been very pleased with the quality and supported features.
In the past, we also used Sophos UTM for a site to site IPSEC-VPN tunnel to a virtual network on Microsoft Azure. Not anymore…
Site-to-Site VPN zwischen zwei UTM auf ein gemeinsames Netzwerk
Hallo Sophos Community,
ich zerbreche gerade mein Hirn an der funktionsweise der Site-to-Site VPN zwischen zwei UTMs.
Ich wollte wie in der Anleitung eine Site-to-Site VPN zwischen zwei Standorten herzustellen um zwischen mehreren VMs an unterschiedlichen…
SIte to Site VPN to external organization
Hi,
I need help in setting up a s2s vpn to another site (not part of my company).
We're using SG430 and I've setup all the config for vpn according to the other site's configuration. The policies and encryption etc. are correct based on the information…
Aussenstelle mit SG im RED Modus anbinden
Wir wollen eine "Aussenstelle" anbinden die sich auf dem Gelände und in den Technikräumen eines Dienstleisters befindet. Nun haben wir darüber nachgedacht dort anstatt einer RED eine SG hinzustellen die wir im RED Modus anbinden wollen. Als Vorteil würden…
Site to Site UTM RED einrichten
Hallo,
ich scheitere gerade daran eine Site to Site RED Verbindung zwischen zwei UTM Firewalls mit neuester Firmware einzurichten.
Es handelt sich hierbei um mein Privates Netzwerk zwischen meiner Wohnung und dem Haus meiner Eltern. Da ich auf meinem…
WAF real webserver is in IPSec VPN Site to Site Tunnel - Can't connect reliably
Utilizing Azure S2S IPSec VPN tunnel. Can access a VM behind the firewall just fine. Trying to setup a WAF to connect to a web application in Azure. I've gotten it to work a couple of times but it seems very persnickety. Right now, and the situation I…
Site to Site VPN both behind NAT.....UTM Virtual Machine
So i have no other choice but to post here ans hope for the best.
I have Sophos UTM9 on an ESX server at my house and at my buddies business. Both locations are behind a NAT router, my home setup has a ZyWall SUG20 as the main gateway/router. I (so…
Established IPsec site-to-site VPN, can ping other network except our AVAYA IP Office 500v2 manager.
Hi, we created a IPsec site-to-site connection and its UP! from the remote area to our Head Office, they can ping our different workstation and server but not our Avaya IP office. They cant ping or access the webpage of the Avaya IP office.
For testing…
Jitter when using IP phone over Site-to-Site VPN
Hi,
I'm running the home version of the UTM, on the latest firmware (9.405-5). I'm experiencing some jitter when using my Cisco 7942 phone over a VPN from home, which is resulting in "gaps" in the conversation when talking - this goes both directions…
AP55 at remote office behind IPSec Site2Site VPN
Hi all, we are trying to set up an accesspoint (AP55) at a remote office managed by the central UTM at our headquarter but it wont work. On main site we have a SG550 running 9.403, offsite an ASG120 running 9.405. Both are connected using an IPSec Site2Site…
RE: SSL VPN issue after UTM upgrade to 9.404-5
Hello,
I had the same issue this last 15 days.
After many test, it's worked for me.
I think that this settings are important for SSL VPN to work.
In the both Server and Client UTM the hostname must match the public ip address. (Check by Whatismyipaddress…
RE: IPSec VPN keeps down after DSL lines reconnects...
I spend several hours to the same problem
Site 1: SG135 Appliance 9.402-7 (initiate connection)
Site 2: UTM120 Appliance 9.402-7 (listen)
Same Problem, Site-to-Site IPSec works with 9.355-1 and is broken every morning after DSL reconnect since…
RE: S2S IPSec VPN between 9.402-7 (after update from 9.355) UTM and second 9.355 broken ipsec_starter no default route - cannot cope with %defaultroute!!!
maybe it is a but in this Version 9.402[st]
downgrade to 9.355 and wait for the next patch[:D]