S2S IPsec - Proto UDP

Hey guys.

I'm investigating a problem and would like to know about your experience.

My Sophos on version 18.0.4 with a site-to-site IPsec VPN has constant drops in the UDP protocol in this VPN's communications. The VPN link is OK, with no packet loss.

I'm noticing that I only have drops with the UDP protocol.

FW rules are the most permissive at the moment.

What could it be and how could I investigate further?



  • Thanks for your time.

    I don't have this protection enabled in my DOS settings.

    I couldn't identify reset connections in packet capture. I'm analyzing.

    I know it's something related to IPsec, because services like SIP, RADIUS and RDP, which use the UDP protocol, have constant connection failures. This happens only on the IPsec VPN.

    I'll try to make some evidence as soon as I get some result in the capture. If you know another way to show what I'm looking for, I appreciate the tip.

    But any experience with this type of problem with IPsec will help me a lot.

  • FormerMember in reply to Gib GoDesk

    Hi,

    I'd suggest following the instructions in the following KBA to see if it helps:

    The following command will help with the UDP traffic if you have unstable IPsec VPN connections:

    set vpn conn-remove-tunnel-up disable

    • When turned off, it won’t flush the connections when IPSec tunnels come up.

    Thanks,

  • I have the same issue with UDP connections over an IPsec tunnel. In my case it is an RDP connection: every few minutes the connection hangs for a few seconds.
    Now we have switched to a RED tunnel and the RDP connection works as expected.
    For this issue I have opened a support case,...

    The "set vpn conn-remove-tunnel-up disable" didn't solve the problem.

  • Thank you, gentlemen, for your time.

    Sorry for the lack of feedback. I had to take a break from work.

    I didn't find the problem, but I solved it by redoing the IPsec connection.