Hi,
One of our remote SGs is currently pushing all its own system-generated traffic into the IPSec tunnel to HQ with one of its WAN interface IPs.
This is SMTP, SNMP, Syslog, LDAP, RADIUS....
The traffic is sent into the tunnel with source IP = WAN interface. This is wrong. It should use its primary LAN interface IP.
This behaviour started after we changed the tunnel configuration so that the remote SG networks are covered by an IP network range, instead of putting in every single host IP as a single object.
This is now acting like on XG where we need to create special SNAT rules for IPSec for XG's system generated traffic:
set advanced-firewall sys-traffic-nat add destination
system ipsec_route add net 192.168.0.0/255.255.252.0 tunnelname MyTunnel
Is this a regular behaviour?
community.sophos.com/.../snmp-traps-smtp-and-syslog-all-sending-from-incorrect-interface