
17.5.8 connection loss on router to ipsec site

Hello Friends,
I have two ISPs and have IPsec failover between those two.
On my XG135, from time to time I get a weird issue: my endpoints have connection to IPsec and are working as usual, but the router has no connection to servers (also the AD server) on the other side.
To resolve this I have to restart the failover group, then everything is fine. That is problematic because STAS and all that stuff are not working, and SSL VPN users with AD passwords also can't connect.

When that occurs, nothing changes in the route table.

What could be the issue?



  • Hi  

    Please monitor system resources when you face the issue- https://community.sophos.com/kb/en-us/123186

    For psmon- https://community.sophos.com/kb/en-us/134209

    Please try to capture packets on ports 500 and 4500 and proto 50, and check them when there is a connection issue.

    You can access the device over SSH and, in the device console, execute the commands given below.

    1. console> tcpdump 'port 500 or port 4500'

    2. For ESP packets: console> tcpdump 'proto 50'

    What is the status of ISP link when you face the issue?

    Also capture packets on the remote IP, try to ping, and verify whether packets are being sent out and received at the remote end.

  • Hello,
    starting from top to bottom:
    Resources are OK, nothing abnormal.

    Packets are going well; as stated previously, packets from endpoints are flowing without issues.

    The ISP link is OK. Packets from our remote site to the XG firewall are going back and forth without issues, but packets from the XG firewall to the remote site are not going; there is no incoming traffic on the remote site.
    And again, after a failover group restart I have the connection back to normal.

    What is surprising is that in the firewall logs there are no logs for XG firewall traffic, only for clients. And that made my day sad ;(
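
One way to read the captures suggested in the reply above, as an added example (not from the thread or from Sophos): it tallies IKE and ESP packets per direction from saved tcpdump text so a flow seen in only one direction stands out. The addresses, sample lines and function names are constructed for illustration, and the parser assumes tcpdump's default one-line IPv4 output.

```python
import re
from collections import defaultdict

# Constructed sample capture text (documentation addresses, not real hosts).
SAMPLE = """\
12:00:01.000001 IP 203.0.113.10.500 > 198.51.100.20.500: isakmp: phase 1 I ident
12:00:01.050002 IP 198.51.100.20.500 > 203.0.113.10.500: isakmp: phase 1 R ident
12:00:02.000003 IP 203.0.113.10 > 198.51.100.20: ESP(spi=0x0a1b2c3d,seq=0x11), length 120
12:00:03.000004 IP 203.0.113.10 > 198.51.100.20: ESP(spi=0x0a1b2c3d,seq=0x12), length 120
""".splitlines()

# "IP src > dst: summary"; searching tolerates a timestamp or interface prefix.
FLOW_RE = re.compile(r"\bIP (\S+) > (\S+?): (.*)")
PORT_RE = re.compile(r"^(\d+\.\d+\.\d+\.\d+)\.\d+$")

def strip_port(endpoint):
    """'198.51.100.20.4500' -> '198.51.100.20'; bare IPs pass through."""
    m = PORT_RE.match(endpoint)
    return m.group(1) if m else endpoint

def classify(summary):
    """Label a packet from tcpdump's protocol summary."""
    if "ESP(" in summary:
        return "esp"    # proto 50, or UDP-encapsulated ESP on 4500
    if "isakmp" in summary:
        return "ike"    # UDP 500, or IKE on 4500
    return "other"

def direction_counts(lines, local_ip):
    """Count packets per (peer, kind) in each direction relative to local_ip."""
    counts = defaultdict(lambda: {"out": 0, "in": 0})
    for line in lines:
        m = FLOW_RE.search(line)
        if not m:
            continue    # not an IPv4 packet line
        src, dst = strip_port(m.group(1)), strip_port(m.group(2))
        kind = classify(m.group(3))
        if src == local_ip:
            counts[(dst, kind)]["out"] += 1
        elif dst == local_ip:
            counts[(src, kind)]["in"] += 1
    return dict(counts)

def one_way(counts):
    """Flows seen in exactly one direction."""
    return sorted(k for k, c in counts.items() if (c["out"] == 0) != (c["in"] == 0))
```

Because ESP payloads are encrypted, this capture cannot separate firewall-originated traffic from client traffic; it only shows whether the tunnel itself carries packets both ways.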
