Hi guys,
I have appliance Sophos UTM SG135 v9.
I have followed this knowledge base guide - Site-to-site VPN configurations for Amazon VPC at https://community.sophos.com/kb/en-us/120922 which works great and straightforward. Behind on the UTM network, I can ping all EC2 instances and telnet successfully for running port services.
However, inside of my Sophos UTM, pinging and telneting were unsuccessful. It seems the UTM has a route issue going to AWS VPN.
utm:/root # ip route get 172.18.2.225172.18.2.225 via 169.xxx.xxx.85 dev vpc0.0 src 169.xxx.xxx.86cache
utm:/root # ping 172.18.2.225PING 172.18.2.225 (172.18.2.225) 56(84) bytes of data.^C--- 172.18.2.225 ping statistics ---22 packets transmitted, 0 received, 100% packet loss, time 21160ms
utm:/root # ping -I vpc0.0 172.18.2.225PING 172.18.2.225 (172.18.2.225) from 169.xxx.xxx.86 vpc0.0: 56(84) bytes of data.^C--- 172.18.2.225 ping statistics ---57 packets transmitted, 0 received, 100% packet loss, time 56389ms
utm:/root # ping -s 10.0.16.1 172.18.2.225 -c 2PING 172.18.2.225 (172.18.2.225) 10(38) bytes of data.
--- 172.18.2.225 ping statistics ---2 packets transmitted, 0 received, 100% packet loss, time 999ms
utm:/root # traceroute 172.18.2.225traceroute to 172.18.2.225 (172.18.2.225), 30 hops max, 40 byte packets using UDP1 * * *2 * * *3 * * *4 * * *5 * * *6 * * *7 * * *8 * * *9 * * *10 * * *11 * * *12 * * *13 * * *14 * * *15 * * *16 * * *17 * * *18 * * *19 * * *20 * * *21 * * *22 * * *23 * * *24 * * *25 * * *26 * * *27 * * *28 * * *29 * * *30 * * *
Also, I've opened firewall for the two AWS tunnels (Outside IP Addresses) with "ANY" and still no luck. Also, opened to 0.0.0.0/0 allow on AWS VPC Network ACL.
Any advise of what I am missing is deeply appreciated. Thanks!
This thread was automatically locked due to age.
