Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 4542 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM9 in AWS VPC <sigh>

lprikockis_01
I feel like us AWS/UTM users need our own support group sometimes...

anyway-- a hopefully simple question:

For setting up IPSec site-to-site tunnels to servers within a private subnet of a VPC, is it always necessary to have NAT-T enabled in order for the the IPSec traffic to get routed through Amazon's network infrastructure correctly?

I've gotten conflicting answers from AWS on this and my own experience has been equally mixed.  I have several tunnels that SEEM to work ok with NAT-T disabled, but at least one that absolutely will not come up unless it's DISABLED on both sides.    In other cases, traffic seems to get routed properly only if it's ENABLED.

Since this is apparently a global setting on the UTM, I'm in a bit of a pickle.  Anyone with any experience/success stories in this area?


This thread was automatically locked due to age.
Parents
  • 0
    not sure what to make of the fact that the users on this board were far more helpful than the paid support I'm getting from both Amazon and Sophos, but I sure appreciate it!

    I'm not familiar with Amazon's offering.  The Sophos support is more focused on Break/Fix than creating configuration solutions - it depends on resellers for that service.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    not sure what to make of the fact that the users on this board were far more helpful than the paid support I'm getting from both Amazon and Sophos, but I sure appreciate it!

    I'm not familiar with Amazon's offering.  The Sophos support is more focused on Break/Fix than creating configuration solutions - it depends on resellers for that service.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML