Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 10538 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Webadmin+VPN problem in China

Service Informatique1

Hello

 

I've setup a Sophos SG135 for our office in Shanghai 2 years ago. I'm based in France and I've mounted an IPSEC VPN between our SG310 in Paris to the one Shanghai back then.

It's been working just fine for 2 years but approx 3-4 weeks ago, the VPN went down and I can't access the WebAdmin interface through it's public IP (it's working locally though).

 

This is typical Chinese Great Firewall behaviour...

 

Weird thing is I can ping the public IP (ICMP is allowed on the SG135 obviously) and I can access UserPortal on port https/443 from Paris.

 

Does anyone else experience bad connectivity with a Chinese office? Did you find your way around?

Does China Telecom helped in any way ? - may you have contacted them

Any tips/tricks to get a stable connection?

 

I've seen better connection using SSL VPN on UDP before but I didn't tried it yet, any feedback?

 

If you have any experience on that subject, please feel free to share :)

Thanks

Marc



This thread was automatically locked due to age.
Parents
  • 0

    Hello everyone, we faced the same problem with the new XG Firewall. I tried many things, Port-change, Port-Redirection and so on. I changed the Protocol from TCP to UDP on the Firewall and it works like a charm. You can use any Port by using UDP Protocol, if you change the Protocol you just need to change "proto tcp" to "proto udp" in the config (4th line from above).

Reply
  • 0

    Hello everyone, we faced the same problem with the new XG Firewall. I tried many things, Port-change, Port-Redirection and so on. I changed the Protocol from TCP to UDP on the Firewall and it works like a charm. You can use any Port by using UDP Protocol, if you change the Protocol you just need to change "proto tcp" to "proto udp" in the config (4th line from above).

Children
No Data
Unfiltered HTML