We have recently configure our onPrem Sophos XG Firewall to connect to GCP Cloud VPN via Site-to-Site IPSec. We managed to get our VPN established. But we cannot get both VM from 2 ends ping each other although ICMP has been enabled.
Below is our VPN tunnel.
1. 203.xx.xx.xx is our India region
2. 99.xx.xx.xx is our US region
3. 34.105.24.193 is another GCP VPN test.
All VPN has been established. Tunnels and subnets has been created. We have GCP firewall open for all ports to all instances. This is the result.
- GCP VPN (uswest) (34.105.24.193). <---> GCP VPN (asia) (34.84.53.162). = VM created in both VPN subnet can ping each other. I assume there is no issue in GCP VPN Configuration. uswest subnet 172.100.x.x and asia subnet 10.100.x.x
- Sophos XG India VPN (203.xx.xx.xx). <---> GCP VPN (asia) (34.84.53.162). = VM created in both VPN CANNOT ping each other.
- Sophos XG USA VPN (99.xx.xx.xx). <---> GCP VPN (asia) (34.84.53.162). = VM created in both VPN CANNOT ping each other.
Since the first approach works, therefore, I believe some settings is not correctly setup in Sophos XG firewall. Can you help provide some guidance on which area we should focus ?
This thread was automatically locked due to age.
