IPSEC Tunnel between two UTMs

Hi all,

I set up an IPSEC tunnel between two UTMs.

The setup is as follows:

Site A:

Connection:
Remote Gateway: Site B Remote Gateway
Local Interface: Site A's public interface
Policy: AES-256 PFS
Local Networks: Any
No Automatic FW Rules, Strict routing, or bind tunnel to local interface

Remote Gateway:
Type: initiate
Gateway: Site B's public IP
Remote Networks: 172.19.0.0/16


Site B:
Remote Gateway: Site A Remote Gateway
Local Interface: Site B's public interface
Policy: AES-256 PFS
Local Networks: 172.19.0.0/16
No Automatic FW Rules, Strict routing, or bind tunnel to local interface

Connection:
Type: initiate
Gateway: Site A's public IP
Remote Networks: Any

We want to route any traffic from site B through the tunnel to site A.
Everything connected behind the UTM at site B is just fine, but the UTM at site B itself is not able to ping Site A. The traffic is routed to the public interface of site B.

Do I have to enable "Bind tunnel to local interface" at site B to enable tunnel routing for the UTM itself, or did I miss something else?

Thx in advance


  • On RED Management -> Server Client Management you can add a new connection. There you can choose between RED 10, RED 50 or UTM. Use UTM and enter a branch name.

    You can then download the config which you can upload in the other site (which will then act like being a RED) on RED Management -> Client Tunnel Management -> Add Tunnel

    This will create the RED tunnel between the two UTMs.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.
