
Unable to import AWS VPC VPN configuration

Hi,

I'm trying to import the AWS VPN configuration file into my Sophos UTM running firmware 9.7

I have downloaded the configuration file from AWS using Sophos, UTM and v9.

However, every time I try to import it, it reports the following error:

The Amazon VPC connection object requires matching a regular expression for the identifier attribute.

 

I have also tried giving the Amazon VPC some AWS Credentials to import the connection that way. That also fails with the same error message.

 

Has anyone else seen this problem? And have you found a way past the problem?

 

Kind regards,

Paul Macdonnell



This thread was automatically locked due to age.
  • Hallo Philipp and welcome to the UTM Community!

    Did you follow the instructions in the two articles to which I linked in the post immediately above yours?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • BAlfson said:

    Hallo Philipp and welcome to the UTM Community!

    Did you follow the instructions in the two articles to which I linked in the post immediately above yours?

    Cheers - Bob

     

     

    Hello Bob,

    Thank you for welcoming me. You do not seem to grasp the problem. You gave me some default documentation links how to set up an AWS VPN Connection with Sophos in comparison to AWS VPCs.

    We already have several such "normal" VPN connections running.

    This thread is about a bug/missing feature either from Sophos or AWS when setting up a VPN connection not to a regular VPC but to an AWS Transit Gateway.

    Please read the documentation here and maybe try to create such a TGW + VPN connection yourself (with Sophos UTM V9 on the other side).

    The connection is set up in another way and leads to a metadata file exported from AWS which does not include a VPC Gateway ID. This cannot be understood by Sophos which requires a VPC Gateway ID. So we need a workaround/fix here.

    Greetings
    Philipp

  • I attempted to do the import today and same error on two different UTM running latest firmware. Did the fix of updating the XML fix the issue?

     

    Any fix yet from Sophos or AWS?

  • You're right, Philipp, I didn't read closely enough and just assumed that it was a problem that I'd helped a client to solve.  Thanks for the link!

    Did the workaround linked to by Brian work for you?  If so, please post back here so one of the Sophos people can learn of this and get a KnowledgeBase article created.

    Cheers - Bob

     
  • The workaround of editing the XML files does not work. 

  • Hi Bob,

    with our setup the workaround actually did the trick.
    We have a working VPN attached to an AWS TransitGateway.

    Greets Philipp

  • Hallo Philipp,

    I've signaled this thread to one of the Sophos engineers - what about your configuration/setup do you think allowed the workaround to function?

    Cheers - Bob

     
  • Hi  

    Would you please open a case with Sophos Support for this issue? If the workaround does not help, it would be better to raise a case with Sophos Support.

    Regards

    Jaydeep