IPSec to additional Addresses?

Hi

I have an interface with about 10 other additional IP addresses. When I try to make an IPSec tunnel to one of those addresses, there is no response. But when I use its main IP address it works (there are no NAT rules on that IP address). There is no ability under Site-to-site VPN -> IPSec -> Connections to select one of these additional IPs, just the interface.

When I look at the logs, it looks like it listens to all IPs on that interface for incoming connections, but I guess it's just the main.

Is this intentional where only the main IP on an interface can listen for IPSec Tunnels or a bug?


This thread was automatically locked due to age.
  • I responded on the other thread linked to in the post above by ocw.  It didn't work because the clients would have to be configured to accept IPsec messages from the Additional Address "signed" with the Primary IP of the interface.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA