Thursday, December 27, 2018

Having an issue with AWS Site to Site VPN to Sophos XG

Hi all, at my wits' end here. We typically don't use AWS or Sophos, but the customer isn't ready to migrate yet and I need to get this site-to-site working.

I have a customer with an XG Firewall on firmware 17. I've been going off of this guide https://community.sophos.com/kb/en-us/133057

The VPN tunnel connects, but I cannot reach any of the servers on AWS. I even created a brand new VPC and brand new micro instance per Sophos' guide for testing, but still nothing.

The internal network is 192.168.10.0/24 and the test network I put on AWS is 192.168.11.0/24. The test server on AWS is 192.168.11.10.

My routes look right to me. I set the security group to allow all traffic from 0.0.0.0/0 (again, just for testing). I cannot ping my AWS test server from the Sophos' tools menu. If I do a traceroute from the Sophos to 192.168.11.10, it correctly tries to send over the ipsec0 interface.

https://imgur.com/a/OAEv7SV is a link to some screenshots.

TIA
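A check for the AWS side of the "tunnel up, no traffic" symptom described above, added here as an example (not the poster's code or anything from the Sophos guide): it longest-prefix-matches the on-prem CIDR against a VPC route table in the shape `aws ec2 describe-route-tables` returns and reports whether replies would actually leave via the virtual private gateway. The route table, `rtb-EXAMPLE`, `igw-EXAMPLE` and `vgw-EXAMPLE` are constructed placeholders.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-route-tables` output
# (not from the poster's account): the VPC local route and a default route to
# an internet gateway, but no route for the on-prem LAN and no VGW propagation.
SAMPLE_ROUTE_TABLE = {
    "RouteTableId": "rtb-EXAMPLE",
    "PropagatingVgws": [],
    "Routes": [
        {"DestinationCidrBlock": "192.168.11.0/24", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE", "State": "active"},
    ],
}

def select_route(route_table, onprem_cidr):
    """Longest-prefix match for onprem_cidr, as the VPC router does for a
    return packet. Returns the matching route dict, or None."""
    target = ipaddress.ip_network(onprem_cidr)
    best = None
    for route in route_table.get("Routes", []):
        cidr = route.get("DestinationCidrBlock")
        if not cidr:
            continue  # IPv6 and prefix-list routes are out of scope here
        net = ipaddress.ip_network(cidr)
        if net.version != target.version or not target.subnet_of(net):
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, route)
    return best[1] if best else None

def vpn_return_path(route_table, onprem_cidr, vgw_id):
    """Report whether replies to onprem_cidr leave via the VGW. Returns (ok, reason)."""
    route = select_route(route_table, onprem_cidr)
    if route is None:
        return False, f"no route covers {onprem_cidr}"
    gw = route.get("GatewayId", "")
    if gw != vgw_id:
        propagated = vgw_id in {p.get("GatewayId") for p in route_table.get("PropagatingVgws", [])}
        hint = "" if propagated else "; VGW route propagation is also disabled"
        return False, f"{onprem_cidr} matches {route['DestinationCidrBlock']} via {gw}, not {vgw_id}{hint}"
    if route.get("State") != "active":
        return False, f"route to {onprem_cidr} via {vgw_id} is {route.get('State')}"
    return True, f"{onprem_cidr} routes via {vgw_id}"

if __name__ == "__main__":
    print(vpn_return_path(SAMPLE_ROUTE_TABLE, "192.168.10.0/24", "vgw-EXAMPLE"))
```

With the sample table the check fails because the default route to the internet gateway wins, which is why a ping from the LAN side can reach the instance yet never get a reply back through the tunnel.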
