Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 5 subscribers
  • Views 3465 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No Connection through an Site2Site tunnel with IPSec

NicoM

Good Morning,

i set up an IPSec Tunnel between two SG230 a year ago.
Since 4 days now, the tunnel is still established, there is no traffic going through the tunnel. Everything looks good so far until i try to geht access to the other network.
In the log of the firewall, i see the allowed packages (From the sIte where i start the request).
I already set up a new one with automatic firewall rules on both sites, but got still the same problem.

Both Device has the Firmware: .9707-5



This thread was automatically locked due to age.
Parents
  • 0

    Are there changes within routing ?
    Try a traceroute from both locations to the far site.
    Results?


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • 0

    Are there changes within routing ?
    Try a traceroute from both locations to the far site.
    Results?


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
  • 0 in reply to dirkkotte

    Hi Dirk,

    thanks for your reply. Nothing has changed.
    If i have a look at the cli. I'm able to see outgoing traffic with the right source and destination, on both sides. But there is no incomming traffic.
    Traceroute stops at the local Gateway of the Firewall...

  • 0 in reply to NicoM

    "Traceroute stops at the local Gateway of the Firewall..."

    Within Traceroute can you see the def.GW of the UTM? If the traffic goes though the tunnel, you should not see the UTM-def. GW

    (or do you see the UTM itself ... the def. GW of this LAN segment)


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Hallo Nico,

    nochmal meine Frage auf Deutsch (ich hatte komplett übersehen, dass wir im deutschen Forum sind).

    Wenn du traceroute "durch den Tunnel" imitierst, siehst du dann auch noch die IP, welche die UTM als default Gateway nutzt?

    Das würde bedeuten, dass die Traffic nicht in den Tunnel geht, sondern daran vorbei.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    HI Dirk,

    Meine Antwort wurde nicht gesendet. Diese sehe ich nicht.
    Mit dem Befehl den Balfson habe festgestellt das die Pakete in den Tunnel gehen.

Unfiltered HTML