
IPsec Site 2 Site VPN with DHCP WAN Interface (9.400-9)

Hi there,

We are currently experiencing strange connection problems via an IPsec Site 2 Site tunnel from our SG125w to a Juniper SSG5.

There are 2 WAN interfaces with different IPs delivered via DHCP from our ISP (Cisco cable modem).

The VPN tunnel will be created, but only if I set the second WAN IF as "IPv4 default Gateway". Without this option our SG125w won't create the tunnel and a connection timeout will be logged.

The same happens on the SSG5: there is only a connection timeout in the logs after I disabled the "default Gateway" option.

Interestingly, there is nothing in the firewall logs (e.g. connection DROPs).

Does anybody have a suggestion why this is happening? And how can I "fix" this without using Uplink Balancing and 2 IPv4 default Gateways?

Cheers,
Dave



This thread was automatically locked due to age.
  • Why do you want to not set a default gateway in the second WAN connection?  Or, are you saying you have two IPs delivered on the same ISP connection?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I was able to fix my problem with some simple multipath rules for incoming and outgoing traffic (and my VPN tunnel).


    - We had multiple IPs from different subnets over one physical ISP WAN connection.