Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 989 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issue in L3 SIte To Site Ipsec VPN Between Sophos XG210 To Mikrotik Router With Single Static Public IP

nabin bhandari

I have 1 Sophos xg210 Firewall with Firmware version SFOS 18.5.2 MR-2-Build380. I recently Deploy in my Office with one public IP address on my head office also i have seven Branch office but branch office don't have public ip. IPsec vpn has  between Head office to branch office, but i got one issue, when ip sec is down some reasons system log shows 'peer authentication failed' message. then when i put same password vpn is auto established this is continue in 10 time in a day. how can i solve?



This thread was automatically locked due to age.
  • 0

    Hello Nabin,

    Thank you for contacting the Sophos Community.

    Most likely you have more than two tunnels configured for Remote Gateways with * instead of an IP, here is an extract of the documentation on this:

    You can use a wildcard when the remote firewall has a dynamic IP address.
    If you specify a wildcard IP address (*), you can't set Gateway type to Initiate the connection because Sophos Firewall won't know with whom to connect.
    If you want to enter a wildcard address (*), we recommend the following:

    • Gateway type: Respond only
    • Remote gateway uses a dynamic IP address.
    • Authentication type: Don't use a preshared key.


    You must use the same preshared key for all IPsec connections that use a wildcard remote gateway address on the firewall.
    You can't use * for tunnel interfaces.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    thank you

    problem has solved. when i used same password for all ipsec connection.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?