Good evening everyone, I'm asking here because it looks like to open a ticket in the Sophos portal I have to pay even though I have a subscription. For a very long time we had a site-to-site VPN with AWS, this stopped working for few days ago. I've…

Good Evening All We have a Site to Site connection between the main office and the Cloud Server Site. Employees in there laptops have two SSL VPN Connections one for the main office and the other for the Cloud Site and they connect using the sophos…

Hi, I might share config comparison of VPN Site-To -Site IPSec VPN tunnels between Sophos SG (also newer Sophos XGS below) and Draytek Vigor 29xx series routers. It was some trial and error guessing game of all parameters, but finally I matched them…

Hi, I am having problems setting up AWS site-to-site VPN on Sophos UTM (Firmware version: 9.717-3 & Pattern version: 232735) Here are the steps I took: created AWS customer gateway with Sophos UTM public IP created AWS VGW and attached to the…

I am currently using an IPSEC vpn connection between my Sophos SG and my UDM-PRO, but the performance is ridiculously slow. I am getting 2.75 MBit/s at best with the Sophos sitting on a 100/100 MBit/s line. The UDM-PRO sits on a 900/40 MBit/s line. …

Hallo, for anybody who wants to connect their Sophos UTM to a Sophos XG, I wrote a converter for the .apc file. With this you can download the server config from an UTM firewall and convert it to the new JSON format used by the XG firewall. Check…

Hi, to make this short. I want three sites (each with own subnet and uplink) to reach each other site-to-site with ipsec vpn. Is it possible and how? I know it is pretty simple to have one main site and connect several sites to this main site. But how…

Hello everyone, I have been having issues connecting a VPN points together. I have tried everything and still the connection won’t come up. I will share as much information as I can and I hope I can get the needed solution here. 1) Error I get from the…

Hi, I have two sites connected over IPSec VPN using some third party routers. 192.168.10.0/24 - primary site 192.168.9.0/24 - secondary site I have my UTM running as a VM in the primary site with just one network interface. It is used primarily…

Hi, I have an HA SG450 UTM 9 Pair running firmware version 9.705-3 in Active-Passive, on these there is an IPSec Site to Site setup with 1 local network (SNAT) and 10 remote networks which is working great. I want to add another local network behind…

Am running Sophos UTM ver 9.705-3 and have an IPsec site to site VPN with Sonicwall TZ300 (which is set to "initiate connection") that works well until I reboot the Sophos. After rebooting the Sophos, I've watched the sonicwall keep retrying to reconnect…

I have a UTM version 9.705-3 with two subnets, LAN 192.168.100.0/24 on eth0 and WIFI 192.168.200.0/24 on eth2 that are connecting via IPSEC site-to-site VPN to a FortiGate appliance with hundreds of subnets. so I've configured the remote network on the…

Dear Helpers, we need to use SourceNAT for our new VPN connection to a client. The VPN connection requirement sheet is attached. The VPN connection is successfully established. For some reason the SourceNAT is not working. Our client asked us to use SourceNAT…

Hi folks! We have a site-to-site VPN via IPSec between an SG210 (600/40MBit) and an SG105 (70/25MBit) (both 9.705-3). If I enable IPS UDP Flood Protection (SMB-)traffic through the tunnel drops to about 270 kB/s, if disable it's about good 3,5 / 2…

Hi How can I find which version of StrongSwan the current Sophos UTM is using? We have an issue with a Site-to-Site VPN connection and the counterparty is asking for it. thanks and best simon

Hi guys, I have a site to site ssl vpn connection that is working great. I have an SG105 that captures all traffic (lan or wan) from its clients, and forwards it on to an SG310 at our main office. When the tunnel fails, I want devices on the SG105 to…

Hi all, hope you can help me, because i investierte some time in the configuration without solving the issue. Whats the problem? i must reach a specific external IP-Address from SIDE-A over the IPSec-VPN with the static-IP from SIDE-B <SIDE-A…

Should I just be ok with overall slow speeds across our RED15 connected network to our remote office? Or am I expecting too much. I have two applications that share a network connected main DB and the speeds are terrible at best. What is the best way…

I am running Sopohs UTM 9.504-1 and am having trouble connecting my UTM to an AWS VPC. It seems all the 'hard' parts are working. I have used the site-to-site VPN-> Amazon VPC->Setup->Import Via Amazon VPC Configuration tool. I have also set the 'Local…

Hello, I still don't get it, what are the purpose to use a RED site to site VPN ? From what I read: - its slower than IPsec. - its as easy as SSL VPN to setup. - its not possible to extend a same subnet with this mode because you have to…

Hi , If you have possibility to help on my case I have a Site to Site VPN with dual ISP between HQ Site and Branch Site First ISP is Private ISP (Private IP Address) then second ISP is Public ISP (Public IP Address). All networks on Branch Site…

Hello, If you have the possibility to help us with the problem that is appering about configuring on the Site to Site VPN with dual ISPs between two sites. On the following, I will describe in more detail how looking the design We have two Sophos…

HI We are trying to setup VPN tunnels from 9 Branches to Head Office XG Firewall. First Tunnel setup no problem, second tunnel does not allow to use the same local subnet on xg firewall. Basically all 9 Branches are setup with individual /24 networks…

Hey All, I am trying to connect to another computer via its local IP address (192.168.11.102) and I am on the main subnet (192.168.2.103) when I try to ping/log in to admin interface on the other computer it refuses the connection is there a way…

Hey Everyone, I have an IPsec tunnel connecting multiple offices together and was wondering if someone could guide me to a better solution possibly? My Question is that I am having data being transferred between the different sites continuously…