
AD replication over IPsec

 Hi all,

 

I'm having a strange issue with our AD servers: they are failing to replicate over IPsec.

These are my VPN_LAN and LAN_VPN rules.

This is the error.

 

Not sure where to go with this; we are only seeing this on sites that have a Sophos XG.



  • Hi Nick,

    I saw this on a site once and it was down to the MTU: for some reason one of the devices/switches did not like having a high MTU, so it fragmented the packets, and the XG didn't like that and canned them. Everything else was fine and you could RDP, ping and do pretty much most things, but domain stuff just wasn't having it due to LDAP and Kerberos issues because of the MTU.

    May not affect you, but worth checking.

    Emike
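
One way to run the MTU check suggested in the reply above, as an added example that is not part of the original thread: it binary-searches the largest ICMP payload that reaches the remote domain controller through the tunnel with Don't Fragment set. The function name `Find-PathMtu` and the host `dc02.example.test` are hypothetical, and the script assumes IPv4 and that ICMP echo is allowed through the VPN rules.

```powershell
# Added example, not from the thread. Find-PathMtu and dc02.example.test are hypothetical names.
function Find-PathMtu {
    param(
        [Parameter(Mandatory)][string]$Target,  # remote DC on the far side of the tunnel
        [int]$Low  = 500,                       # payload size expected to pass on any sane path
        [int]$High = 1472,                      # 1500-byte Ethernet MTU minus 28 bytes of IPv4 + ICMP headers
        [int]$TimeoutMs = 2000
    )
    $ping    = New-Object System.Net.NetworkInformation.Ping
    $options = New-Object System.Net.NetworkInformation.PingOptions(64, $true)  # TTL 64, DontFragment = true

    # Sends one echo request of the given payload size; $true only on a real reply.
    $probe = {
        param([int]$Size)
        $buffer = New-Object byte[] $Size
        try {
            $reply = $ping.Send($Target, $TimeoutMs, $buffer, $options)
            return ($reply.Status -eq [System.Net.NetworkInformation.IPStatus]::Success)
        } catch {
            return $false   # name resolution or socket failure counts as "did not pass"
        }
    }

    if (-not (& $probe $Low)) {
        throw "No reply from $Target even at $Low bytes; check that ICMP is allowed through the tunnel."
    }

    # Binary search. Invariant: $Low is known to pass, nothing above $High passes.
    while ($Low -lt $High) {
        $mid = [int][math]::Ceiling(($Low + $High) / 2)
        if (& $probe $mid) { $Low = $mid } else { $High = $mid - 1 }
    }

    [pscustomobject]@{
        Target         = $Target
        MaxIcmpPayload = $Low
        PathMtu        = $Low + 28   # add back the 20-byte IPv4 header and 8-byte ICMP header
    }
}

Find-PathMtu -Target 'dc02.example.test'
```

A `PathMtu` below 1500 means full-size Ethernet packets need fragmenting somewhere on the path. Packet loss can also make a probe fail, so rerun before acting on a low value.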