This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't select own deprecated VPN IPSEC policies

Hello.

After upgrading to 17 MR1 (and again on MR2 and 3) my IPSEC connections to an old router (Zyxel SBG3300) are not working anymore!

Sophos is in "respond olny" but the issue is that, if I edit the IPSec policy I made to connect to the Zyxel years ago, it shows me that some parameters are "not reccomended because they are not secure".

The editor gives me the possibility to use them, and I can correctly save the policy but, when I want to use that policy in an IPSec connection, the polcy doesn't appear in the dropdown menu!

I need that policy, I know thay are not so secure, but I need it and I want it to be usable again in an IPSec connection.

Thanks, Mat



This thread was automatically locked due to age.
Parents Reply Children
  • ...I thought you were right (you were!) but the VPN tunnel can't be estabilished at all!

    The policies are the same as before (except for the "disconnect" instead of "re-initiate" parameter as you suggested) but the "received IKE message with invalid SPI" is logged: it seems there are a lot of other posts with this problem with Sophos XG new firmware!

    Can I provide something ti help?

    Our customer is seriously thinking about changing to another appliance because of all the problems we had with Sophos concercing IPSEC VPNs, web traffic content issues, poor VPN SSL speed performance... all things that are other 100+ threads on this forums!

    Can Sophos provide really support to customers or not??? I'm disappointed.

    Thanks, Mattia Trussardi