I have had a site-site VPN link to/from my inlaws for simple NAS backups and running backup email MTA for about 5 years now.
both XG firewalls have just been updated to SFVH (SFOS 18.5.2 MR-2-Build380), however since the update the SSL Site-Site VPN stopped connecting (it seems that any VPN changes on the XG firewall initiating the connection is very slow to the point of the message "the change has taken a long time, check the logs for progress").
I tried rebooting the router, and recreating the connection with no success, so I migrated to a RED Tunnel (RED Firewall Server/Client) which has fixed all of the LAN-LAN link issues and is working perfectly so the backups that were overdue are now running (good news!)
The inlaws XG box is also the backup MTA for my mail server, and it has a mirror of all of the MTA configuration on my XG box and this has been working well as a backup when BT decides to break the fibre connection to the house, or when I decide to rebuild my server box!
Since moving to the RED Tunnel:
- I cannot ping the internal mail server through the RED Link from the remote XG box (diagnostics page), but I can from any PC on the remote LAN.
- The route lookup on the diagnostics page confrims that the route for the mail server is through the interface reds2 through the router <<RED Link IP>>
- I get the BOUNCED message below immediately after a message has been tried to be sent, either a test or a received email to be relayed to the mail server.
- There are no log entries in the mail server rejecting a connection from either the RED IP or Remote XG IP.
Any ideas how I get the remote XG MTA to be able to connect to the email server across the RED Tunnel ?
Thanks
Ian
This thread was automatically locked due to age.
