Route internet traffic across IPSEC

I have the following setup with an IPSEC tunnel between the two Sophos XG firewalls.

Internet traffic from 192.168.1.1 goes out through Internet 1.

I want to say that traffic with a destination of 8.8.8.8 should go across the IPSEC tunnel and out through Internet 2 - all other traffic remains on Internet 1.

I've tried:

system ipsec_route add host 8.8.8.8 tunnelname <tunnel>

set advanced-firewall sys-traffic-nat add destination 8.8.8.8 snatip 192.168.1.1

Packet capture shows traffic is being sent to the IPSEC tunnel correctly on Sophos (192.168.1.254) but the traffic never arrives at the other end.

What am I missing?



This thread was automatically locked due to age.
  • Hi Stuart,

    Thank you for reaching out to Sophos Community.

    • Have you tried to use any how-to videos, documentation, Sophos Assistant, or KBA for troubleshooting?
    • Verify whether firewall rules are created to allow VPN traffic going to WAN and coming back.
    • Take a packet capture from 192.168.2.254 to verify what happened to the packet.