Hi,
I would like connect my Sophos UTM to two different Amazon VPCs which have been created with different accounts. The first VPC uses an IP adress in the 192.168.x.x range. Setting up a connection to this worked perfectly using dynamic routing. However, if I setup the second connection to another VPC which is using an adress in the 10.x.x.x range the IPSec tunnel is established but no routes are exchanged. To be more specific, in the Amazon routing table I can see the propagated routes to my network but nothing on the Sophos UTM. It seems like our appliance doesn't accept/receive the routing information from Amazon. The VPN connection to the second VPC has been created in the exact same way as the first one which works perfectly fine. This seems strange to me as I don't really have much options to configure on both sides.
In the status overview the Sophos UTM shows me just the message "BGP connected" while on Amazon theres IPSec showed as up and the tunnel as down.
I also tried to delete everything on Amazon and set it up again without success. I also tried to use a different ASN number for BGP (65001) without luck.
My other attempt was to set up a normal IPSec site-to-site connection with static routing. While the connection itself worked and a tunnel was established we experienced massive packet loss. Means we were able to ping for e.g 10 seconds got a break for 30 seconds and then ping worked again for 10 seconds. To me it looks like there's sth wrong with the routing. However, I double checked to make sure there are no overlapping subnets.
Was anyone able to set up 2 or more connections to different VPCs?? If so any hints?
Any help is highly appreciated. Thanks.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.