Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 1199 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

failover group problem

StefanoColombo

We have an issue with failover group in a pair of XG .

We have a configuration with 3 sites all with  Sophos XG

One site has a dual ISP connectivity , the other two have single ISP .

The Site with dual ISP has been configured as respond-only the other two as initiate-connection.

So each site has a configuration with dual VPN connection setting toward the site with dual ISP as follow

SITEA ISP1    ->  SITEB ISP1

SITEA ISP1    -> SITEB ISP2

SITEC ISP1    ->  SITEB ISP1

SITEC ISP1    -> SITEB ISP2

 

Each site has a failover group configured .

The problem is that for one site's pair ( ie SITEA->SITEB )  the failover group does not let the vpn to establish .
If I enable the failover group on site B ( the receive only ) the vpn doesn't come up .
If I disable the failover group and enable both the vpn connection setting the VPN establish correctly ( so the configuration is correct )

 

The other "pair" SITEC->SITEB which is configured the same way does not have such problem

 



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi  

    Thank you for reaching out to the Community!

    Have you configured failover Conditions to PING the gateway? If yes, try to change the Failover Condition to TCP and enter the port number that you know is open on the peer firewall. 

    Thanks,

Reply
  • FormerMember
    0 FormerMember

    Hi  

    Thank you for reaching out to the Community!

    Have you configured failover Conditions to PING the gateway? If yes, try to change the Failover Condition to TCP and enter the port number that you know is open on the peer firewall. 

    Thanks,

Children