Site to Site IPSEC Tunnel between two UTM9 Firewalls - Tunnels up and ping working but no other traffic

Hello all,

I have established an IPsec tunnel between two sites using a pair of UTM9 appliances. I can ping between subnets on both sides. However, as soon as I try SSH or HTTP to services on the remote subnet, communications fail. I have checked the automatic firewall rules and they look fine and are allowing traffic in both directions at both sites. I have tried putting in manual rules as well, just to confirm.

It doesn't look like routing issues, because I can ping and firewall rules are okay.

Any help would be appreciated. 

Many Thanks

Jamie



This thread was automatically locked due to age.
  • Hi Jamie,

    Paste an image of the current IPSec connections, both sides; this may provide more information.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Hi Jason,

    Thanks for answering.

    4 Screenshots attached, hope they make sense.

    Thanks again

    Head Office IPSEC tunnel to the remote site

    Public being my WAN interface

    Remote gateway definition at Head office to Dunsfold

    Remote IPSEC tunnel to the Head Office

    Remote Site (Dunsfold) configuration to the remote gateway at the head office

  • A quick update, I turned on logs on the automatic firewall rules to see if traffic was being dropped across the VPN and I can confirm traffic is being passed and not dropped.

    It feels like a routing issue, but I am getting ping responses from devices at both ends. 

    Not sure what to do next.

  • Hi Jamie and welcome to the UTM Community!

    Do #1 in Rulz - I bet you're right that you will conclude again that it's a routing issue, but we need to formally eliminate other possible causes.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA