• Vpn IPsec issue

    Arch Capital
    Arch Capital
    We have issue with IPsec configuration we create branch and headquarter vpn but not connect all setting is ok The main firewall is fiber connection The branch firewall is 5G router connection Reply to chat and email / turky@thearchcapital.com
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Site-to-Site IPSec Not Working As Intended

    haydenspence
    haydenspence
    Hi. I am currently working with a test environment and have configured two XG firewalls to have an IPSec Policy-based site-to-site connection between them. I cannot get the IPSec connection to forward traffic correctly. I have been trying for hours…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG 210 IPSEC DOWN FAILED PARSING IKE

    Simon BALAND
    Simon BALAND
    Hi, We are losing our ipsec link after some time. (randomly) Initial connection is ok no problem But in logs we have this message : IPSEC FAILED Couldn't parse IKE message from : X.X.X.X Check the debugs logs ID 18052 If i reinitiate manually…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Internet traffic not routed from branch office through head office via site-to-site VPN

    brucepott
    brucepott
    Hi, we have a head office XG135 and 4 branch offices connected with site-to-site vpns and various sophos firewalls. ( 125, 87,86 ) VPNs are working fine. We want to route all internt traffic from the branch offices through the headoffice internet…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPSec to Azure - Tunnel interface missing after creation

    Matthew Wall
    Matthew Wall
    Hi all, I have been having an issue with my XG330 firewall. I created a Tunnel Interface to Azure, and see that the IPSec tunnel is not appearing under my network interfaces. I have followed the documentation highlighted here. Sophos Firewall: Configuring…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos to Fortigate site to site issue

    sndyblz
    sndyblz
    Anyone has a experience on create a site to ste vpn with fortigate firewall (as spokes and Sophos as hub), and face the ff issue: Random instances the spoke site went down even the isp has stable connection. And every time one or 2 sites (spoke, we…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPSEC VPN intermittent communication issue

    Mayuresh Bhagwat
    Mayuresh Bhagwat
    Setup: Sophos XGS 87 (SFOS 19.5.1 MR-1-Build 278) and Sophos XG210 (SFOS 19.5.1 MR-1-Build278) Connection type: IPSEC VPN Site to Site Issue: The communication between the 2 site networks works well for sometime and suddenly the communication breaks…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • New S2S can't connect

    Jeff Vandervoort
    Jeff Vandervoort
    MO: XGS136/SFOS v19,5,2. Not in production yet, setting up to replace production firewall. BO: XG115/SFOS v19.5.2. In production. MO & BO have had an IPSec S2S running for a long time with the MO production firewall. The MO XGS that will replace…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Site 2 Site VPN with multiple remotes having dynamic WAN IP addresses

    Randy Cleveland
    Randy Cleveland
    Hello, We have an XGS firewall at our HQ location, set up with several Site to Site VPN connections with remote XGS firewalls that have Static WAN IP addresses. I also have one site2site set up with a remote location with a dynamic WAN ip address…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Hub and Spoke with Sophos as HO and Fortigate as Branches

    sndyblz
    sndyblz
    We will migrate our Fortigate to Sophos XG, and one of our requirement is to create a IPsec site to site with Sophos XG 3300 ( as HUB or Head office) to small FortiGate in client branches (as Spoke). The problem is, I don't see any KB/Doc about creating…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPSec (Using NAT) add multiple local network

    Tier1@Vision9
    Tier1@Vision9
    Hello, We have created the IPSec tunnel (uses NAT) to application provider dc. Internal network is translated to NAT IP (provided by application provider). Tunnel is working. Now, we have to add SSL vpn remote access network to that IPSec tunnel…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • VPN Ipsec Site-to-site

    Adem SI
    Adem SI
    Hi. I have a site-to-site ipesc tunnel with my branch, the tunnel is connected to both parts, I have two rules created, Inbound and Outbound rule, the inbound rule works perfectly, all clients on the branch network can connect to my servers, but the…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall Authentication to server in Azure across VPN Tunnel

    DavidSain
    DavidSain
    I recently worked through a problem where an on premise firewall was unable to authenticate Remote Access VPN users with Active Directory as the server is hosted in Azure through a VPN (Active Directory is used instead of AAD as it's less expensive to…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos v19 Site To Site VPN Multiple Wan Routing Problem

    MustafaTASCI
    MustafaTASCI
    Hello everyone, After migrating to version 19, we wanted to remove the migrated rules and rewrite the all configuration. However, we ran into some problems with the reconfiguration. We have 2 WAN internet interface and do not do load balancing or…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPSec tunnel with Cisco Peer

    Memorycard
    Memorycard
    Hello guys, what is your suggestion to establish an IPSec tunnel with a Cisco router that is configured: Phase1 algorithms: 3des and MD5 Phase2 algorithms: esp-3des and esp-sha-hmac
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS 2100 no outbound traffic

    Fizzle
    Fizzle
    Greetings and thanks for reading! I'll have to start by asking for some patience as I'm new to the Sophos firewall platform. I'm going to provide a lot of detail to make sure I dont miss something important. I work for a small university and am trying…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Two XG 19.5 IPSEC S2S connected, DNAT from WAN head office to a remote server in branch office.

    Damiano
    Damiano
    I have this situation: HEAD OFFICE: IP: 192.168.75.0/24 BRANCH OFFICE IP: 192.168.82.0/24 Host: 192.168.82.64 I established a S2S between the two firewalls but I need to publish from te WAN head office a service on a remote host in branch…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Ipsec traffic go through ssl tunnel inspect of ipsec tunnel

    Tri Nguyen2
    Tri Nguyen2
    hi everyone. i have created ipsec route base vpn but when everything done, the traffic is going through wrong tunnel interface. the precedence route is static > sd wan route > vpn route. ipsec status is up. and i have added route to the remote…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Strange Traceroute behavior between sites

    Steve Klassen
    Steve Klassen
    Hi there. I have 3 sites, each connected to our datacenter. Location 2 has a Tunnel interface connection, Location 1 and 3 have a Site-to-site connection. Like this: Location1 ====sitetositetunnel===== Datacenter=====tunnel=====Location2 Location1…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPSEC Tunnel Mode does not reconnect automatic

    Carlos Cesario
    Carlos Cesario
    Hello guys, Im facing a bit problem with IPSEC VPN in Tunnel mode. When the WAN link goes down in BO or HO the IPSEC tunnel does not reconnect automatically. I need force reconnect manually (clicking in red circle). Im using the default "Head office…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Rule/Route Configuration to allow ICMP probes over VPN Tunnels

    CF1 Tech
    CF1 Tech
    I have a scenario I could not find an answer for. I have a health probe that comes in over my established VPN tunnel interface xfr1. These can be typical ICMP Requests that source from various IPs, or they can be constructed packets where there is an…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • S2S IPSEC - Policy based and Routing based

    Michael Wallis
    Michael Wallis
    Hi All, We have Head Office with 6 Branch Offices. Each Branch office is connected to the Head Office via a Policy Based IPSEC S2S VPN. The head office and branch offices all have 4G backup internet. Hence, this requires 4 tunnels per branch office…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • VPN Failback Issues with Backup ISP

    Sean Birdsill
    Sean Birdsill
    I have a site to site VPN between a Sophos XGS 116 and Cisco ASA 5516-X firewall. I have the two WANs configured (active/backup), and a VPN failover group created. When the main ISP goes down, the backup ISP takes over and the VPN continues to work as…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • AWS VPN + BGP , up and down .

    zzzp8
    zzzp8
    Hi there Have setup a VPN to AWS from a XG on v 19.5 firmware I used the VPC config file provided by AWS on the VPN Gateway and uploaded it to the Sophos as a VPC site to site VPN. The BGP and VPN comes up - however once up the WAN interface…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • GRE Tunnel as SD-WAN Gateway

    Jasmin Karaji
    Jasmin Karaji
    Hi I have configured a GRE tunnel between two Sophos Firewalls and it works fine and I am able to ping both GRE tunnel IPs from other side. I am trying to add GRE tunnel IP address of other side as SD-WAN Gateway so I could route traffic by SDWAN rules…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>