The overriding issue is that a Sophos XG (17.5) drops VOIP traffic over a VPN. After just over 30 seconds the call drops.
This was initially fixed by using 'advanced firewall bypass blah blah' (it is NOT asymmetric, Sophos just drops packets because it feels like it), but in true Sophos fashion, one day it just decided to stop routing altogether. Now with bypass stateful packet inspection turned on, the Sophos won't route traffic for the VOIP subnet. After removing the bypass, it will route, but drops calls after 30 seconds.
The firewall logs show 'Could not associate packet to any connection', but presumably that's because it has a routing table that it's just ignoring? Who knows. The traffic can get to the phone, but at some point the Sophos just changes its mind.
I'm not even 100% sure why I'm posting this. Maybe on the off chance someone can make a good suggestion. I expect a slew of Sophos defense, but the bottom line is these devices are permanently buggy, and Sophos support is non-existent.
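One way to pin down the "drops after ~30 seconds" pattern from the firewall log itself, as an added example that is not part of the original post and not Sophos code: scan key=value log lines, remember when each address pair was first allowed, and report how many seconds later the first 'Could not associate packet to any connection' drop appeared for that pair, flagging pairs that touch the VoIP subnet. The sample lines are constructed, and the field names (`date`, `time`, `status`, `src_ip`, `dst_ip`, `reason`) are an assumption about the export format, so adjust `parse_line` to match a real export.

```python
import re
import ipaddress
from datetime import datetime

# Reason string quoted in the post; everything else about the line layout is assumed.
DROP_REASON = "Could not associate packet to any connection"
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample log (not a real export): one VoIP flow between 10.20.0.15
# and a phone at 10.30.0.40 that is allowed, then denied 32 s later, plus an
# unrelated HTTPS flow and a stray deny with no prior allow.
SAMPLE_LOG = """\
date=2019-03-04 time=10:00:00 log_type="Firewall" status="Allow" src_ip=10.20.0.15 dst_ip=10.30.0.40 protocol="UDP" src_port=10000 dst_port=10000
date=2019-03-04 time=10:00:01 log_type="Firewall" status="Allow" src_ip=10.30.0.40 dst_ip=10.20.0.15 protocol="UDP" src_port=10000 dst_port=10000
date=2019-03-04 time=10:00:05 log_type="Firewall" status="Allow" src_ip=10.20.0.15 dst_ip=192.168.1.5 protocol="TCP" src_port=50012 dst_port=443
date=2019-03-04 time=10:00:32 log_type="Firewall" status="Deny" src_ip=10.30.0.40 dst_ip=10.20.0.15 protocol="UDP" src_port=10000 dst_port=10000 reason="Could not associate packet to any connection"
date=2019-03-04 time=10:00:33 log_type="Firewall" status="Deny" src_ip=10.30.0.40 dst_ip=10.20.0.15 protocol="UDP" src_port=10000 dst_port=10000 reason="Could not associate packet to any connection"
date=2019-03-04 time=10:05:00 log_type="Firewall" status="Deny" src_ip=172.16.5.9 dst_ip=10.20.0.15 protocol="UDP" src_port=5060 dst_port=5060 reason="Could not associate packet to any connection"
"""


def parse_line(line):
    """Split one key=value log line into a dict, stripping quotes and adding a datetime."""
    fields = {k: v.strip('"') for k, v in KV_RE.findall(line)}
    if "date" in fields and "time" in fields:
        fields["ts"] = datetime.strptime(fields["date"] + " " + fields["time"],
                                         "%Y-%m-%d %H:%M:%S")
    return fields


def summarize_drops(log_text, voip_subnet):
    """Per unordered address pair: how many state-association drops occurred and how
    many seconds after the pair was first allowed the first drop happened.
    first_drop_after_s is None when no earlier Allow for that pair was seen."""
    net = ipaddress.ip_network(voip_subnet)
    first_seen = {}   # pair -> timestamp of first Allow
    drops = {}        # pair -> summary dict
    for line in log_text.splitlines():
        rec = parse_line(line)
        if "src_ip" not in rec or "dst_ip" not in rec or "ts" not in rec:
            continue
        pair = tuple(sorted((rec["src_ip"], rec["dst_ip"])))
        if rec.get("status") == "Allow":
            first_seen.setdefault(pair, rec["ts"])
        elif rec.get("reason") == DROP_REASON:
            entry = drops.setdefault(pair, {
                "pair": pair,
                "count": 0,
                "first_drop_after_s": None,
                "voip": any(ipaddress.ip_address(ip) in net for ip in pair),
            })
            entry["count"] += 1
            if entry["first_drop_after_s"] is None and pair in first_seen:
                entry["first_drop_after_s"] = (rec["ts"] - first_seen[pair]).total_seconds()
    return sorted(drops.values(), key=lambda d: d["pair"])


if __name__ == "__main__":
    for row in summarize_drops(SAMPLE_LOG, "10.30.0.0/24"):
        print(row)
```

Run against a real export, a cluster of VoIP pairs all showing a `first_drop_after_s` near 30 would support the timing the post describes; pairs with `None` never had a matching Allow in the window and need a wider log range before drawing conclusions.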