Hi all
I have been using Cisco VPN on clients behind my SG115 running SFOS 16.05.3 MR-1 and was able to successfully connect. The clients run macOS 10 and iOS 10. A couple of weeks ago the VPN connection stopped working for all clients behind the SG, with no apparent changes made to the FW.
As a first step, I did a reboot of the SG, and for a short period it worked again, then broke again. As a second step I upgraded to MR-3, same behavior. The VPN connection still works when not behind the SG.
Third step: I made a troubleshooting rule at the top of my firewall ruleset limited to destination address (IPv4) of the VPN server in order to verify the traffic. The VPN traffic never shows in the log. When making a simple tcp-connection to any port on the destination server, it shows immediately in the log.
This leads me to the question if there is a potential bug in SFOS 16.05.x when it comes to handling Cisco IPSec passthru traffic (aka AH, ESP, udp/500+4500+10000)?
Any advice or further troubleshooting recommended by the community, before I open a support ticket with Sophos?
Thanks for reading
- Maurice