Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1043 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

xfrm interface not shown after creating VPN connection to Azure VPN Gateway

Giuseppe R

Hello everyone, 

we followed this guide (https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/126356/sophos-xg-firewall-v18-to-azure-vpn-gateway-ipsec-connection) to setup the azure vpn connection be cannot complete it due to the missing interface. The vpn connection works flawlessly but i am missing somehting in regard to this interface. 

We have two xg-firewalls connected as an HA-Cluster. The two firewalls are connected behind another router/modem which connects to our provider. Could this be the issue that the firewall won't create the xfrm interface because it doesn't use the internal modem? 

I already checked other threads regarding this topic but I can confirm that there are no hidden interfaces. I even tried different browsers (Chrome, Firefox, Safari)

Any help would be much appreciated.



This thread was automatically locked due to age.
Parents
  • 0

    Hi : Thank you for contacting the Sophos community team, I know you have already tried all way but just wanted to confirm if the below details getting matched with your issue, you may try the same way if that helps to fix your issue.

    community.sophos.com/.../441193

  • 0 in reply to Vishal_R

    Thank you very much for your answer, I looked into the "WAN link manager" and into the interfaces as described in the other thread and unfortunately i cannot find the place where to override the MSS setting only for the VPN connection.

    As you can see Port1 or Port2 are our WAN-Interfaces and they have a public ip assigned as an alias. Also there is no expanding possible.

     

    These are our two WAN Gateways.

    I hope this helps.

Reply
  • 0 in reply to Vishal_R

    Thank you very much for your answer, I looked into the "WAN link manager" and into the interfaces as described in the other thread and unfortunately i cannot find the place where to override the MSS setting only for the VPN connection.

    As you can see Port1 or Port2 are our WAN-Interfaces and they have a public ip assigned as an alias. Also there is no expanding possible.

     

    These are our two WAN Gateways.

    I hope this helps.

Children
No Data