Hello, I have a very curious problem.
I implemented a Sophos XG 310 in a client and it was necessary to configure 9 VPNS in tunnel interface mode with branch offices, in each branch there is a SonicWall, the protocols used in the phases are weak, SHA1 and 3DES, this will be improved soon, when the customer exchanges all SonicWall for Sophos XG 125, thus redoing these VPNS.
Well, the case is that at the moment these VPNS have a strange problem, the tunnels keep working for about 6 hours and then they all fall and don't go up, I need to do this manually, in the XG logs I saw several messages like this "the received CHILD_SA proposals did not match: ESP: 3DES_CBC / HMAC_SHA1_96 / MODP_1024 / NO_EXT_SEQ, ESP: AES_CBC_256 / AES_CBC_192 / AES_CBC_128 / HMAC_SHA2_512_256 / HMAC_SHA2_4_HHA_EX_4"
It's a very curious thing, how can VPNS spend hours connected and then simply fall?
Has anyone here been through anything like this?
Thank you !
This thread was automatically locked due to age.
