Good evening everyone, I'm asking here because it looks like to open a ticket in the Sophos portal I have to pay even though I have a subscription. For a very long time we had a site-to-site VPN with AWS, this stopped working for few days ago. I've…

Customer is randomly losing connection and I see this type of error message on IPSec VPN logs, any idea what is causing them? Informational Exchange message is invalid because it has a previously used Message ID Quick Mode I1 message is unacceptable…

Hi, I have an HA SG450 UTM 9 Pair running firmware version 9.705-3 in Active-Passive, on these there is an IPSec Site to Site setup with 1 local network (SNAT) and 10 remote networks which is working great. I want to add another local network behind…

I have to create a tunnel between our sophos utm 9 and a remote linux libreswan. Here is a table with the proposal from the remote site (libreswan on the left) and which setting I tried to match on our side (sophos on the right) libreswan…

Hello all, I have established an IPsec tunnel between two sites using a pair of UTM9 appliances. I can ping between subnets on both sides. However, as soon as I try SSH or HTTP to services on the remote subnet communications fail. I have checked the…

Hi all, hope you can help me, because i investierte some time in the configuration without solving the issue. Whats the problem? i must reach a specific external IP-Address from SIDE-A over the IPSec-VPN with the static-IP from SIDE-B <SIDE-A…

Good morning, I have a number of sites using Site-to-Site IPSEC tunnels, that terminate with my Sophos XG. I'd like to start sending the clients Internet Access through the tunnel, but am unsure what the best procedure is with UTM->XG S2S tunnels. …

Hi all together, first of all: I am pretty new to Sophos UTMs so I might lack some basics you would otherwise expect me to have. Currently I am planning a three-way site2site VPN connection. Later on this will be expanded to connect 16 different locations…

I have had a Site to Site IPSEC connection established for years and all of the sudden it has stopped passing traffic... Both systems UTM 9.509-3 Here is a tcpdump of the source (Respond only GW) UTM ipsec connection: here is a tcpdump of the…

I have set up an ipSEC tunnel between our on-prem UTM 9 device and Microsoft Azure. The plan is to have a server in Azure that must be accessible from the local network. However, I can't ping the server from the on-prem network, Pinging from VM on the…

Hey Everyone, I have an IPsec tunnel connecting multiple offices together and was wondering if someone could guide me to a better solution possibly? My Question is that I am having data being transferred between the different sites continuously…

Hi We have a Sophos UTM 9 running firmware version 9.405-5 attempting to connect to Fortigate 60D firewall but no joy. The logs show no connection being made on either ends of the devices, public ip's are reachable from testing. The policy on both ends…

Hello anyone, I have the following problem: I have a site-to-site IPSec VPN up and running between our SG120 and a customers Cisco ASR Router. However I am not able to get my traffic through the tunnel. The problem is - as I assume - that I was…

Hi all, I want to setup a site-to-site VPN between our ASG120 and a customers Cisco router. It seems to be fine for Phase 1 -> "ISAKMP SA established". But afterwards all I get is this: 2017:01:24-14:02:45 asti-2 pluto[5761]: "S_Customer" #132:…

Does anyone here have any up-to-date documentation on getting an IPSec tunnel working between UTM9 and a Fortigate 60D? The only thing I've been able to find is quite old and recommends using 3DES and MD5.

Hi all, we are trying to set up an accesspoint (AP55) at a remote office managed by the central UTM at our headquarter but it wont work. On main site we have a SG550 running 9.403, offsite an ASG120 running 9.405. Both are connected using an IPSec Site2Site…

I have many devices on the local LAN that route through the UTM. Currently all of them route to the Internet through the WAN interface. I have one device where I would like to route it through a VPN tunnel through a separate VPN server, but without…

Does anyone have a config like this working? - I can't get it working at all and if someone has a demo config which I can harden afterwards. I know that it works between the two devices, as it worked before. The original Zyxel died, but no-one had saved…

I have 3 active UTM running 9.403-4 They were deployed in a hub VPN connection last month and one has been stable and the other needed to be rerouted in order to connect. Primary LAN is 10.57.1.0/24, Secondary LAN 10.57.3.0/24 Tertiary LAN10.57…

Hi, We are using Sophos SG230 UTM. We have already created an Ipsec tunnel with out HO network and Supplier network and is working perfectly. Now, we want one more tunnel between our office and another supplier network but when I try to create new IPSec…

Hi there! I'm trying to build site to site VPN using ASG v7 and Windows 2012R2 Routing and remote access I've configured PSK Gateway on ASG and IKEv2 interface on windows. On windows I opened UDP 500,4500,1701 ports (tried opening all traffic there…

Hi, I tried to google and to search the forum, but haven't really found a solution... I have an UTM 9.3 (192.168.2.1) in the US with a stable site 2 site ipsec tunnel to a remote fritz box (192.168.1.101) in Germany. I can reach all devices in the…

We are seeing some performance issues on our IPSEC VPN connected WAN. We have a remote office connected through a S2S IPSEC VPN. Both WAN connections are Comcast Business 150/25 Mbps We are both on SG210 appliances - latest and greatest firmware…