RED tunnel traffic not coming through to "Branch"

I'm trying to set up a RED tunnel between two sites on Sophos XG 18.

So this is the setup:

Site1 (HQ). 
LAN subnet: 192.168.9.0/25
WAN: public IP
XG IP: 192.168.9.1
RED IP: 10.47.1.1 /24
RED Type: Firewall RED Server

Site2 (Branch)
LAN subnet: 192.168.4.0/24
WAN: public IP
XG IP: 192.168.4.1
RED IP: 10.47.1.2 /24
RED Type: Firewall RED Client

From the XG admin - Configure - Network, I see "Uplink IP: public IP HQ" at HQ and "Remote IP: Public IP HQ" at Branch.

Under HQ XG admin portal - Configure - Routing, I have configured an IPv4 unicast route at both HQ and Branch. At HQ this is the config:
Destination IP / Netmask: 192.168.4.0/24
Gateway: blank
Interface: Selected HQ-10.47.1.1
Distance: 0

I have set up firewall rules, and have also tried: Allow Source Any, Destination Any.

From HQ XG admin portal - Monitor & Analyse - Diagnostics, I can ping 192.168.4.1 and 10.47.1.2:

PING 192.168.4.1 (192.168.4.1): 56 data bytes
64 bytes from 192.168.4.1: seq=0 ttl=64 time=12.866 ms
64 bytes from 192.168.4.1: seq=1 ttl=64 time=12.918 ms
64 bytes from 192.168.4.1: seq=2 ttl=64 time=12.298 ms

I can't get traffic through from HQ to Branch. If I go to a PC located at HQ (192.168.9.10) and send traffic (ping) to 192.168.4.1, I get "Request timed out".
From the Log Viewer, if I filter on Dest IP 192.168.4.1, I see "Date/Time, Firewall Rule, Allowed, 40,0, Port1, reds1, 192.168.9.10, 192.168.4.1, ICMP".
If I go to the Branch Log Viewer, I am not able to see any traffic.

So... where am I doing something wrong, or what am I missing?
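One check worth running against the symptom pattern in the post (a ping from the XG's own Diagnostics page succeeds, a ping from a LAN host times out, nothing is logged at Branch) is whether the forward route at HQ and the return route at Branch both select the RED interface for the flow the LAN host generates. The Python script below is an added example and is not part of the original post or of Sophos; its route tables, the "Port2" WAN interface name and the assumption that the XG's diagnostics ping is sourced from its RED address 10.47.1.1 are constructed for illustration. It generalises the situation in the post: it shows why a firewall-sourced ping can succeed while a LAN-sourced ping fails whenever one side lacks the route for the other side's LAN, because the reply then follows the default route instead of the tunnel.

```python
import ipaddress

# Constructed example route tables, modelled on the addressing in the post.
# They are assumptions for illustration, not the real tables of either XG.
# Each entry is (destination network, outgoing interface). "Port2" is an assumed
# WAN interface name; "reds1" is the RED interface name seen in the HQ log line.
TUNNEL_IFACE = "reds1"

HQ_ROUTES = [
    ("192.168.9.0/25", "Port1"),         # HQ LAN, directly connected
    ("10.47.1.0/24", TUNNEL_IFACE),      # RED transit network (10.47.1.1/24 on HQ)
    ("192.168.4.0/24", TUNNEL_IFACE),    # the unicast route from the post
    ("0.0.0.0/0", "Port2"),              # default route to the WAN (assumed)
]

# Branch with a matching return route for the HQ LAN.
BRANCH_ROUTES = [
    ("192.168.4.0/24", "Port1"),
    ("10.47.1.0/24", TUNNEL_IFACE),
    ("192.168.9.0/25", TUNNEL_IFACE),
    ("0.0.0.0/0", "Port2"),
]

# Branch without that return route: replies for 192.168.9.0/25 fall through
# to the default route and leave on the WAN instead of the tunnel.
BRANCH_ROUTES_NO_RETURN = [r for r in BRANCH_ROUTES if r[0] != "192.168.9.0/25"]


def lookup(routes, ip):
    """Longest-prefix match: the interface a router would use for ip, or None."""
    addr = ipaddress.ip_address(ip)
    best_net, best_iface = None, None
    for net, iface in routes:
        network = ipaddress.ip_network(net)
        if addr in network and (best_net is None or network.prefixlen > best_net.prefixlen):
            best_net, best_iface = network, iface
    return best_iface


def check_path(hq_routes, branch_routes, src, dst, tunnel=TUNNEL_IFACE):
    """Resolve the forward hop at HQ and the return hop at Branch for one flow.

    The flow is only healthy if both hops use the RED interface; otherwise the
    problems list says which side sends the packet somewhere else.
    """
    forward = lookup(hq_routes, dst)
    back = lookup(branch_routes, src)
    problems = []
    if forward != tunnel:
        problems.append(f"HQ routes {dst} out {forward}, not {tunnel}")
    if back != tunnel:
        problems.append(f"Branch routes replies to {src} out {back}, not {tunnel}")
    return {"forward": forward, "return": back, "ok": not problems, "problems": problems}


if __name__ == "__main__":
    # Source 10.47.1.1 models a ping from the HQ XG's Diagnostics page, which is
    # normally sourced from the address of the outgoing (RED) interface (assumed here).
    cases = [
        ("ping from the HQ XG itself", "10.47.1.1", "192.168.4.1"),
        ("ping from an HQ LAN host", "192.168.9.10", "192.168.4.1"),
    ]
    for label, table in (("Branch with return route", BRANCH_ROUTES),
                         ("Branch without return route", BRANCH_ROUTES_NO_RETURN)):
        print(f"== {label}")
        for desc, src, dst in cases:
            r = check_path(HQ_ROUTES, table, src, dst)
            print(f"{desc}: {src} -> {dst}: forward={r['forward']} return={r['return']} ok={r['ok']}")
            for p in r["problems"]:
                print("   ", p)
```

A clean result from this check only rules out a route-table mismatch between the two firewalls. The log line in the post already shows HQ choosing reds1 in the forward direction, so if both lookups select the RED interface, the fault lies somewhere other than unicast routing.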



  • I got this resolved. I configured a Sophos in Microsoft Azure, tried to configure that as a RED Server, and connected without problems to the Branch office.

    I don't know what the problem was with the HQ Sophos, but I ended up resetting the HQ Sophos. It was a lot of config to manually reconfigure, but it ended up with a working RED tunnel. It was quicker to manually document all the config and manually reconfigure the Sophos XG at HQ than to spend more time on troubleshooting.