Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 17 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 1309 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec to IPsec communications

Lyubomir Todorov

Hello

We have Sophos XG310 (SFOS 18.5.2 MR-2-Build380) installed and configured for over a year and everything is working fine but now with Covid and home office's we've been stuck in some problems with VPN to VPN communications 

We are using IPsec VPN and this is our configuration 

LAN network 172.16.77.0/24
IPsec network 17216.74.0/24

We have communication between LAN-to-VPN VPN-to-LAN and everything else but nothing between VPN-to-VPN

There are Rules added to "Rules and policies" and even added the VPN network to "Permitted network resources"

There's not even a PING between VPN to VPN



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Lyubomir Todorov

    Hello there,

    What is the range of your SSL VPN?

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to Lyubomir Todorov

    Hi Lyubomir Todorov 

    Hope you are doing good.

    VPN-VPN firewall rule requires if your have Head office and Branch Office connected with IPSec VPN and your remote user is connected to HO and wants to access resource of BO.

    If you are not getting traffic flow on Firewall as per the drop packet capture or tcpdump , means no issue with firewall but to make sure the resource we want to access from outside are accessible on LAN, if they work on LAN it will work from outside.

    If you have shared some more information as per the first post please share the logs for below command it would be helpful 

    Please check traffic flow with tcpdump and drop packet capture 

    console>tcpdump 'host <destination IP> and proto ICMP

    console>drop-packet-capture 'host <destination IP> and proto ICMP

    And as per your post it seems your both employees are now working from home and same software used from communications is not working as they are not in LAN ? May I know the error or error message you are getting while communicating ?

    it would be great if you share how both the employees are they able to reach over ping connectivity test ?

    Please share ipconfig /all for both the users if they have windows and ifconfig in case user have linux 

    Thanks and Regards 

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?