Hello!
I have an IPSEC setup between a Sophos XG125 (SFOS 16.05.0 GA) and a Sophos XG85 (SFOS 16.01.1).
They are set up using PSK, and from the XG125 point of view the 'local network' is 172.16.9.0/24 and the remote network is 10.30.0.32/28.
Vice versa on the XG85 obviously.
The IPSEC is established - the Connection and Active icons are green.
When I press the exclamation mark under the connection column on my IPSEC tunnel, it shows the local and remote network with a green icon.
Now, doing some troubleshooting, the problem is that the policy-based routes which are defined in the IPSEC setup are not installed in the firewalls on either side.
The command "system ipsec_route show" (console prompt) shows nothing and "ip route show" (advanced shell) shows no sign of IPSEC routes.
Adding a static route for these networks in the console solves the problem; it shows up under "system ipsec_route" and the traffic is working as expected.
These are the commands for the static route bit:
XG85
system ipsec_route add net 172.16.9.0/255.255.255.0 tunnelname t1
XG185
system ipsec_route add net 10.30.0.32/255.255.255.240 tunnelname t2
Am I missing something, or why doesn't the policy-based IPSEC work as expected?
Thanks!
Regards