Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 2 answers
  • Subscribers 2 subscribers
  • Views 15477 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

GRE Tunnel?

Louis-M

Does the UTM support site to site GRE tunnels?



This thread was automatically locked due to age.
  • 0

    Hi Louis,

    Greetings.

    Sophos UTM 9 does not support GRE as of now. This feature is included in the upcoming release, code-named Project Copernicus. This is not yet exposed in the GUI, but can be configured from a CLI if needed. In UTM 9 the alternative solution is using RED.

    Thanks,

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0

    Louis, each time a client has asked me to configure a GRE tunnel,  discussion with the other party revealed that they could do a regular IPsec tunnel.  The first time that that happened with AT&T, it took weeks. The second time, just a day.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Yep, I know they can do an IPsec tunnel but they are stubborn and won't. The rest of their customers end up using a GRE tunnel so they won't bend for us.

    We currently have ASA 5510's in there with GRE tunnels but we're looking to replace them shortly as they are approaching end of life. The UTM's are ideal for this.

    It's good to know it can do a GRE and ithere are plans to expose it in the GUI. For me, I think Sophos are on to a winner if they can generally do what an ASA does as the ASA's are the standard and getting people to move from them could prove difficult if there's a lot of difference in capability.

    At the moment, we have gained a lot from switching from a 2x ASA 5510 to 2x UTM SG310 but I know the GRE question will come into it shortly as we look at the next purchase. Hopefully it's not too long in the offing.

    Is there a current list of what is included in the upcoming releases etc?

  • 0 in reply to Louis-M

    Hi Louis,

    Thanks for choosing Sophos. In our latest v9.400 release for UTM 9, we introduce Sandstrom, which is an advanced malware security feature.

    You can refer the this link for further information on Sandstrom: https://www.sophos.com/en-us/medialibrary/PDFs/factsheets/sophos-sandstorm-dsna.pdf?la=en

    Currently, GRE is supported in our new project named Copernicus. Please refer the link to understand the features with XG:

    https://www.sophos.com/en-us/products/next-gen-firewall.aspx

    If you are looking into an alternative for GRE with UTM v9 products, you can use RED.

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to Louis-M

    Louis, if this is AT&T, I believe they now have an internal memo about this.  PM me your location and the name of the AT&T person you're dealing with and I'll try to find the info about the last problem we had with this almost two years ago.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML