GRE TUNNEL BTW TWO XG FIREWALL NOT WORKING

Hello Helix,

Thank you for contacting the Sophos Community.

If you do a pcap on the GUI of  both devices, do you see the packet leaving the Sophos1 GRE interface and arriving at the Sophos2 GRE interface?

Regards,

emmosophos

I can only see the traffic going out, both are not receiving the traffic

Please assist

Why not using Route based VPN? 

LuCar Toni

The main request is to setup a GRE tunnel between a Cisco and A Sophos Device and IPSec over it. I give support for the Sophos End and when the configuration was completed I was able to ping the Cisco Tunnel IP but the other end (cisco) could not ping my own tunnel IP.

This is the reason why i decided to setup a LAB and create GRE tunnel between two sophos device and its obvious now that the issue i was facing with the Cisco device is occurring as i cant ping the two XG remote tunnel IP from the host.

And Pcap share above shows that the traffic is going out but not been received. I have created several Firewall rule and routes it's still not working.

So forget route based VPN the request is a GRE tunnel.

And Cisco does not support Route based VPN?

I cant say but what they want is GRE are you saying GRE does not work on sophos ?

No but i did not have any use case in the last 2 years for GRE. All vendors moved on to route based VPN, as GRE was likely a workaround for that time. So icannot help about GRE. 

No problem. I'll wait to see if there are engineers who have successfully implemented GRE