Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 1600 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP Relay over Routing-Based IPsec in SFOS 19 not workin

Digit23

I have routed based ipsec tunnel between head and branch.  At branch I have a network on the firewall where I want a dhcp-relay that relay to a dhcp server at the head office.  I need routed-based (as opposed to policy based) for OSPF.

over 2 years later, does this still apply ?

https://community.sophos.com/sophos-xg-firewall/f/discussions/122932/dhcp-relay-over-routing-based-ipsec-in-sfos-18-0-1-not-working



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to LuCar Toni

    SFOS advertise dhcp-relay

    SFOS advertise routed-based ipsec

    It's a bug fix, not a feature request.

    I know that sales people don't care about that because they already label the box with "dhcp-relay" and "routed based ipsec" and that's all they care and now push dev. team for more label to put on the box, but that just bad...  Business driven by sales people deliver crapy product.

    bug fix should be top priority, i will fill a bug report and hope for some result...

  • 0 in reply to Digit23

    As it is documented to be a known limitation, it is not a Bug report, instead a limitation, which can be lifted. docs.sophos.com/.../index.html

  • 0 in reply to LuCar Toni

    cool, when bug are documented they become a "limitation".  problem solved...

    that the path to allot of feature on a broken product.

    roger, out...

  • 0 in reply to Digit23

    Actually If there is a not implemented feature, it is a limitation, which is documented and you cannot configure it.

    A Bug would mean, you can configure it and it does not work. 

    This is actually on the roadmap to implement this feature in a future release. Feel free to talk to your local sales to get more insights to share. 

  • 0 in reply to LuCar Toni

    So by your definition it is a bug then...

    you can set up a site-2-site routed-based VPN.
    you can set up a dhcp-relay that listen on a local interface and you can put the remote dhcpserver (VPN reachable, pignable from the router) in the dhcp-relay config.  You can apply/save that, no warning, no error

    it just doesn't work... bug...