Previously I had an ASA to ASA tunnel from my office to a client site. I replaced our ASA with an XG210 running 17.03 MR3 (Will upgrade to MR6 tonight). With the ASA in place we had no issues with the tunnel but with the Sophos XG we are experiencing regular tunnel crashes.
The behavior is very strange. If we have a session over the tunnel when it crashes the session stays active. This means that when I am using Putty over the tunnel I can keep using that Putty session but I cannot create any new sessions. The only way to create a new session is to manually bring down the tunnel then bring it back up.
I created a ticket with support and they looked at the logs for a couple days and then said they couldn't see any issue. My biggest obstacle is that I do not have access to the ASA. It is managed by another MSSP, so I cannot access the ASA logs. However, like I said we have no issues with our ASA in place.
Really my question comes down to this, is anyone here aware of specific configuration issues which cause this behavior OR specific configuration issues which can prevent the XG and an ASA from successfully holding a tunnel.
It is probably worth mentioning that I have several other XG to ASA tunnels on the network which are fine and stable. It is just something on this on specifically.
This thread was automatically locked due to age.
