
VPN connection between two Sophos UTMs on AWS

We installed two Sophos UTMs on instances in AWS.
The instances have an elastic IP, and we tried to connect them to each other by IPsec VPN.
We added the elastic IP as the remote gateway, but they can't connect.



This thread was automatically locked due to age.
  • I am not all that familiar with elastic IPs, but I am guessing they act similar to dynamic ones until you release them.

    The gateways would be your external facing IP addresses, or what I did was create a DNS host and used those after creating them on UTM.

    Use the local RSA key to connect them, avoid the local pre-shared key word in my opinion - I have had nothing but problems with that, and it's not as secure as the RSA key generated by each UTM.

    If you can, you could post some screenshots of your IPsec setup from the Remote Gateways tab and Connections tab so we can see the setup. Feel free to obfuscate any IP address/other information you don't want public.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • ¡Hola! Enrique and welcome to the UTM Community!

    In addition to the screen captures requested by Amodin,

         1. Confirm that Debug is not enabled.
         2. Disable the IPsec Connection.
         3. Start the IPsec Live Log and wait for it to begin to populate.
         4. Enable the IPsec Connection.
         5. Copy here about 60 lines from enabling through the error.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA