I've got an installation of Sophos UTM 9 connected to four AWS VPCs with Site-to-Site. I created Customer Gateways, Virtual Private Gateways and a Site-To-Site connection in each of the private VPCs. I then exported the configuration from AWS and imported into Sophos. So far so good - the tunnels are up. I've set the route tables to propagate routes and the route tables seem to be OK.
However, when I try to ping an EC2 in one of the private VPCs, I get 100% packet loss:
PING 10.93.1.4 (10.93.1.4) 56(84) bytes of data.
--- 10.93.1.4 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4032ms
If I try traceroute, I get the following:
traceroute to 10.93.1.4 (10.93.1.4), 30 hops max, 40 byte packets using UDP
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
I set up a static route to the VPC, using the internal network card as the gateway, and I get the following response from traceroute:
1 10.93.1.4 (10.93.1.4) 2.209 ms 1.688 ms 1.850 ms
2 10.93.1.4 (10.93.1.4) 4.789 ms 4.688 ms 4.018 ms
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 10.93.1.4 (10.93.1.4) 9.051 ms 8.660 ms 8.439 ms
10 10.93.1.4 (10.93.1.4) 9.112 ms 8.900 ms *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 10.93.1.4 (10.93.1.4) 14.498 ms * *
17 10.93.1.4 (10.93.1.4) 15.581 ms * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 10.93.1.4 (10.93.1.4) 19.517 ms * *
This looks like I'm getting intermittent pings back.
What is going on? Am I on the right path with the static route?
Thanks for any help!
This thread was automatically locked due to age.
