Webadmin+VPN problem in China

Question

Hello 
 
 I've setup a Sophos SG135 for our office in Shanghai 2 years ago. I'm based in France and I've mounted an IPSEC VPN between our SG310 in Paris to the one Shanghai back then. 
 It's been working just fine for 2 years but approx 3-4 weeks ago, the VPN went down and I can't access the WebAdmin interface through it's public IP (it's working locally though). 
 
 This is typical Chinese Great Firewall behaviour... 
 
 Weird thing is I can ping the public IP (ICMP is allowed on the SG135 obviously) and I can access UserPortal on port https/443 from Paris. 
 
 Does anyone else experience bad connectivity with a Chinese office? Did you find your way around? 
 Does China Telecom helped in any way ? - may you have contacted them 
 Any tips/tricks to get a stable connection? 
 
 I've seen better connection using SSL VPN on UDP before but I didn't tried it yet, any feedback? 
 
 If you have any experience on that subject, please feel free to share :) 
 Thanks 
 Marc

vitali wagner · Answer

Hello everyone, we faced the same problem with the new XG Firewall. I tried many things, Port-change, Port-Redirection and so on. I changed the Protocol from TCP to UDP on the Firewall and it works like a charm. You can use any Port by using UDP Protocol, if you change the Protocol you just need to change "proto tcp" to "proto udp" in the config (4th line from above).