This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec VPN keeps down after DSL lines reconnects...

i run several ipsec tunnel for years without any problems... all runs fine with 9.355-1


since the update to 9.402-7 all ipsec tunnels are down every morning.


i checked the ipsec-logs and found out that after my dsl-lines reconnect the tunnels will not come up again.

i have to turn them off and on and then all works....


anyone can help?



This thread was automatically locked due to age.
Parents
  • PUSH!


    need help... please sophos staff seems to be a bug..

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • I spend several hours to the same problem too, same problem here

    Site 1: UTM/ASG 220 Appliance 9.403-4

    Site 2: UTM/ASG 120 Appliance 9.403-4

    Site-to-Site IPSec works with 9.355-1 and is broken every morning after DSL reconnect since update to 9.403-4

    VPN User can´t log in at this time. Only after reboot.

    My way to bring back the tunnel: restart UTM every day at 2...

    does not test sophos its firmware?

    we are endtesters? we are working with productive systems.....this is not possible!!

    When will be fixed this? Time is running :-(

    Greetings

    Dirk

Reply
  • I spend several hours to the same problem too, same problem here

    Site 1: UTM/ASG 220 Appliance 9.403-4

    Site 2: UTM/ASG 120 Appliance 9.403-4

    Site-to-Site IPSec works with 9.355-1 and is broken every morning after DSL reconnect since update to 9.403-4

    VPN User can´t log in at this time. Only after reboot.

    My way to bring back the tunnel: restart UTM every day at 2...

    does not test sophos its firmware?

    we are endtesters? we are working with productive systems.....this is not possible!!

    When will be fixed this? Time is running :-(

    Greetings

    Dirk

Children
  • Hi Dirk,

    I stay on my rollback to 9.355, until sophos fixes the NUTM-4173.

    If you have

    - Site 1: more DSL Interfaces (Gateway type: initiate connection)

    - Site 2: only one DSL Interface (Gateway type: answer mode)

    you could try to change the direction of the tunnel initiation

    - Site 1: answer mode

    - Site 2: initiate connection

    I do no more tests since I spent to much time with this problem ...