
XG 210 to Fortigate 100C - IPSec Tunnel up, I am unable to pass traffic across tunnel

I am working with my first Sophos devices and am running into a problem passing traffic over an established IPSec VPN tunnel.

I have a VPN tunnel established between Site A (Sophos XG210) and Site B (Fortigate 100c). I created a static route for the remote LAN at Site B on the XG Firewall, which is 10.20.0.0/24 on Port 2, and then configured a static route for the Site A remote LAN (10.5.0.0/24) on the Fortigate. I have 2 rules in place on either site, at the top of the policy list. Sophos has LAN All->VPN All and VPN All->LAN All, and on the Fortigate side LAN All->VPN All and VPN All->LAN All. The IPsec connection on the XG Firewall has a Local Subnet of Site A (10.5.0.0/24) and a Remote Subnet of Site B (10.20.0.0/24). I cannot figure out why I cannot pass any traffic over the tunnel in either direction. Any help would be grateful!



  • Are you referring to the IPSec Policy or the Firewall Policy? My IPSec Policy should be good as the Tunnel is up. I do see drops when doing a drop_packet_capture in the CLI. The first 2 IP addresses are the IPSec endpoints. Not sure why it shows the management port 4444 for the Sophos endpoint.


    2016-02-11 14:58:50 0102021 IP 96.53.29.98.54636 > 162.157.6.178.4444 : proto TCP: R 4161311684:4161311684(0) checksum : 48806
    0x0000: 4500 0028 6967 4000 7b06 6f82 6035 1d62 E..(ig@.{.o.`5.b
    0x0010: a29d 06b2 d56c 115c f808 93c4 a429 b383 .....l.\.....)..
    0x0020: 5014 0000 bea6 0000 0000 0000 0000 P.............
    Date=2016-02-11 Time=14:58:50 log_id=0102021 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port2 out_dev= inzone_id=0 outzone_id=0 source_mac=00:23:3e:63:1b:bc dest_mac=00:1a:8c:50:f2:29 l3_protocol=IP source_ip=96.53.29.98 dest_ip=162.157.6.178 l4_protocol=TCP source_port=54636 dest_port=4444 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=3690756390629933056 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A
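An added example, not from this thread or from Sophos: a small Python parser for the key=value drop log format shown above, which also checks whether a dropped packet was LAN-to-LAN traffic between the two subnets the original post configures on the tunnel (10.5.0.0/24 and 10.20.0.0/24). The quoted drop is between the two public peer addresses on TCP/4444, so it is not the payload traffic the tunnel is meant to carry; filtering the capture for the two protected subnets narrows the search for the drops that matter. The first log line is copied from the post (trailing counters omitted); the second is constructed, and any field name not on the page is an assumption.

```python
import ipaddress
import re

# Subnets the original post gives for each side of the tunnel.
TUNNEL_LOCAL = ipaddress.ip_network("10.5.0.0/24")    # Site A, behind the XG 210
TUNNEL_REMOTE = ipaddress.ip_network("10.20.0.0/24")  # Site B, behind the FortiGate 100C

# Leading fields of the drop_packet_capture log line quoted in the post
# (copied from the post; the trailing counter fields are omitted).
DROP_LOG = (
    "Date=2016-02-11 Time=14:58:50 log_id=0102021 log_type=Firewall "
    "log_component=Invalid_Traffic log_subtype=Denied log_status=N/A "
    "log_priority=Alert duration=N/A in_dev=Port2 out_dev= inzone_id=0 "
    "outzone_id=0 l3_protocol=IP source_ip=96.53.29.98 dest_ip=162.157.6.178 "
    "l4_protocol=TCP source_port=54636 dest_port=4444 fw_rule_id=0"
)

# Constructed sample: what a dropped LAN-to-LAN packet would look like in the same format.
SAMPLE_PAYLOAD_DROP = (
    "Date=2016-02-11 Time=15:01:00 log_type=Firewall log_subtype=Denied "
    "in_dev=Port1 out_dev= source_ip=10.5.0.25 dest_ip=10.20.0.40 "
    "l4_protocol=ICMP fw_rule_id=0"
)

# One key=value pair; an empty value such as "out_dev=" is matched as ''.
_KV = re.compile(r"(\w+)=(\S*)")


def parse_drop_log(line):
    """Split a key=value log line into a dict, keeping empty values as ''."""
    return {key: value for key, value in _KV.findall(line)}


def classify_drop(fields, local, remote):
    """Return 'tunnel-payload' if the packet runs between the two protected
    subnets (in either direction), otherwise 'other'."""
    src = ipaddress.ip_address(fields["source_ip"])
    dst = ipaddress.ip_address(fields["dest_ip"])
    if (src in local and dst in remote) or (src in remote and dst in local):
        return "tunnel-payload"
    return "other"


def summarize(line, local=TUNNEL_LOCAL, remote=TUNNEL_REMOTE):
    """Reduce one drop log line to the fields worth looking at when
    troubleshooting a site-to-site tunnel."""
    f = parse_drop_log(line)
    return {
        "kind": classify_drop(f, local, remote),
        "flow": "{}:{} -> {}:{} {}".format(
            f["source_ip"], f.get("source_port", "-"),
            f["dest_ip"], f.get("dest_port", "-"),
            f.get("l4_protocol", "?"),
        ),
        "in_dev": f.get("in_dev", ""),
        "subtype": f.get("log_subtype", ""),
        "fw_rule_id": f.get("fw_rule_id", ""),  # '0' here: no firewall rule id attached to the drop
    }


if __name__ == "__main__":
    for line in (DROP_LOG, SAMPLE_PAYLOAD_DROP):
        print(summarize(line))
```

Run against the quoted line, `summarize` reports `kind: other`, i.e. peer-to-peer traffic on the public addresses; only entries reported as `tunnel-payload` correspond to the LAN-to-LAN flows the post is trying to pass.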