Hello everybody.
I am a new Sophos user and an even newer forum member.
I have recently replaced my ASA with a Sophos SG230. It took me a while, but I managed to replicate the settings and rules, but the VPN seems to be a gigantic pain in my neck [:(]
I have a Site2Site IPSec VPN with a Cisco Device, which is up and running. The thing is that every morning I have about 20-30 emails from the Sophos telling me that VPN sonnection is down and then up again. Usually this outage lasts for some seconds only, but there have been several times that the VPN goes down and it does not come back up again until I manually restart it.
Searching the log files, the information I get is driving me crazy. For example,
- DPD: Could not find newest phase 1 state
DPD: No response from peer - declaring peer dead
DPD: Restarting all connections
(This part happens in in 10 seconds and everything is back on, or it can go on for hours until someone manually restarts the VPN )
- IPSec SA expired (LATEST!)
- Ipsec starter stopped
starting strongswan [...]
no default route - cannot cope with %defaultroute!!!
Help...? [:S]
Thank you in advance for your time [:D]
I have enabled link balancing, but I have also setup the multipath rules to bind all IPSec traffic to the correct interface [:)]
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
