Help with IPSec site-to-site tunnel setup - connection good but no traffic

Question

Greetings everyone, 
 On site setting up new XGS-136. I've got everything working on cutover with the exception of traffic moving through my IPsec site-to-site tunnels. 
 All connections are green: 
 
 Created Inbound and Outbound rules, linked to NAT: 
 Inbound: 
 
 Outbound: 
 
 I cannot ping through tunnel or access resources. 
 Any ideas would be most appreciated.

Bharat J · Accepted Answer

Thanks, Sean Rome for updating the status, issue got resolved by deleting the IPSec VPN tunnel and re-creating IPSec VPN tunnel back by Sean Rome later we found issue with the firmware version SFOS 19.0.0 GA-Build317 running on Sophos XG 
 The issue is fixed with the latest firmware version SFOS v19 MR1 Build 365 you will update the firmware and monitor it further 
 Below the link is Sophos release note : 
 https://docs.sophos.com/releasenotes/index.html?productGroupID=nsg&productID=xg&versionID=19.0 
 Firmware link: https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-v19-mr1-re_2d00_release-build-365-is-now-available 
 Thanks and Regards

Bharat J · Answer

Hi Sean Rome

Please share current settings System --->Admininstration -->Device Access, Ping is tick mark under VPN Zone?

Start tcpdump console>tcpdump 'host <Destination IP address> and proto ICMP

Please go to MONITOR & ANALYZE-->Diagnostics-->Packet Capture and click on Configure 'host <Destination IP address> and proto ICMP from GUI

Please go to MONITOR & ANALYZE->Current activities-->IPSec Connection and share the status

Thanks and Regards

Help with IPSec site-to-site tunnel setup - connection good but no traffic

Top Replies