IPsec site-to-site VPN between Sophos XGS and RUT271 with a SIM card

Hi.
In my environment I need to connect two sites:

  1. Head Office with local connectivity and a static IP address behind a Sophos XGS firewall;
  2. Branch Office with SIM card connectivity with a Teltonika RUT271 (with the latest firmware, 7.13.4).

I configured a tunnel on both sides with the parameters below and a PSK:

Phase 1: AES 256, SHA512, MODP4096, 24H;
Phase 2: same as Phase 1.

The Teltonika starts the tunnel by calling the IP address behind the Sophos; the Sophos waits for a call and answers when the Teltonika starts Phase 1. I see that the tunnel seems to be up; I can see this on the Sophos dashboard and in the Teltonika VPN status. But I cannot ping anything on either side.
I see that I have TX traffic but no RX.

I think it is not a Sophos problem, because I know the product, I have configured it many times with other brands, and I have always connected two sites with VPN. I think it may be a misconfiguration or something like that on the Teltonika, which is new to me.

What can I check?

Many thanks in advance.

Hello,

To assist you further, could you please confirm the following:

  1. What firmware version is currently running on your RUT271?
  2. Could you try changing the Remote Identifier setting to the LAN IP of the Sophos firewall and also confirm whether the Sophos device has a public IP address?
  3. If possible, please share the IPsec logs from both tunnel sides. Additionally, a simple network topology including the IP addresses would be helpful and appreciated.

Best regards,
