Archive > 18.1 Legacy Series

IPsec (site to site) connection "problems" and an interim solution

<< < (2/2)

poodad:
I am seeing this same behavior. I have ipsec set up between an OPNSense system and a Sophos SG UTM. Both sides have dynamic IP address and I use DuckDNS to track names to the IP addresses. I have verified that DuckDNS is being updated by both sides when an IP address changes.

The VPN works great until the IP address of the Sophos side changes. OPNSense can "see" the new ip address (if I ping xxxx.duckdns.org from the OPNSense CLI, I get the right ip). However, the VPN stops working. Currently, I reboot OPNSense and everything starts working until the Sophos UTM's ip changes, then it breaks again.

Sophos seems to handle a change to the OPNSense side's ip without problem.

Navigation

[0] Message Index

[*] Previous page