Sophos XG clients cannot ping Remote clients (IPSec)

Hi.

We have an IPSec tunnel between Sophos XG (18) and Fortigate.

The tunnel is established and shows connected (Phase 1 and Phase 2) on both sides.

I can ping the Sophos clients (192.168.0.0/24) from any of the Fortigate clients (10.1.0.0/16).

The reverse, ping from Sophos clients to Fortigate clients is not working.

My setup:

1. Created policies on both firewalls for to-and-fro VPN traffic

2. Set up the route precedence on XG as vpn, static, sdwan

3. Set up a static route on the XG for the Fortigate network (10.1.0.0/255.255.0.0)

Rules:

Route Precedence and IPsec static route:

Packet capture on a ping from Sophos client 192.168.0.37 to Fortigate client 10.1.100.101

As can be seen, 192.168.100.6 is the WAN port IP address where source port is shown as Port 1. 

Port 1 is the Local LAN port on the XG

Port 6 is the WAN port with static IP 192.168.100.6

Any help!!!! ??? 


