Hello,
I tried to set up a UTM-to-UTM RED Firewall Server tunnel (no legacy). Sometimes I get packet loss for around 10-20 seconds. Sometimes the tunnel doesn't even come up. And I noticed lots of martian source entries in kernel.log after enabling this RED tunnel:
2023:01:25-14:07:21 MYUTMNAME kernel: [6324855.992965] IPv4: martian source RED-SERVER-IP from MY-WAN-IP, on dev eth5
2023:01:25-14:07:21 MYUTMNAME kernel: [6324855.993049] ll header: 00000000: ff ff ff ff ff ff XX XX XX XX XX XX XX XX ...........D..
(Loglines anonymized)
But if I use RED Firewall Server Legacy instead of RED Firewall Server, it works without any packet loss/problems. Also, an IPSec tunnel works without any problems for weeks.
(I have multiple WAN interfaces facing the router of my company ISP)
What could be the problem here?
Regards
UTMaddict
Hey UTMaddict,
Thank you for reaching out to the community. May we know the current firmware version on the UTM 9?
Thanks & Regards,
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Hello Vivek Jagad,
Thanks for your answer. We are using at least version 9.712-13 on all UTMs.
Keep in mind that the v2 protocol uses additional ports (3410). Maybe a firewall issue.