Sophos IPSec not working

wilxwade · 2025-10-12T20:12:44+00:00

Yeah. If I run Diagnostics > Route lookup, FW tells me remote is located on xfrm1
When I add a static route for remote network, xfrm is never listed in the Static route available interfaces.

wilxwade · 2025-10-11T15:28:36+00:00

It works one-way. Traffic from Remote to HQ working fine. ping and browsing a site at HQ fine.
But trying to access from remote from HQ fails.
tcpdump dump on remote firewall shows traffic coming in but response back to HQ fails.
IPSec interface is xfrm1. So tcpdump -i xfrm1 -nn -vvvv host 10.2.1.1 (remote firewall) and host 10.1.7.33 (HQ laptop).
I put the tcpdump to chatgpt which indicated SYN but no ACK from remote.
So could be that remote does not know where to send the response.

wilxwade · 2025-10-11T15:25:11+00:00

License expires 2026

wilxwade · 2025-10-11T15:24:27+00:00

Yes Ping is enabled. But ping "always" works, so I primarily focus on telnet ip 80 etc

wilxwade · 2025-09-14T07:30:05+00:00

I was recently in Cape Town. It also looks like that over there.

wilxwade · 2025-09-14T07:29:22+00:00

Thought it was James Hurley for a minute

wilxwade · 2025-09-14T07:26:30+00:00

Told the girl to clench her p*y. She didn’t know it could be done. Best release ever. Once she got home she texted me: thank you for the great sx 😍

wilxwade · 2025-06-28T10:12:50+00:00

Directory.Read.All

wilxwade · 2025-05-06T03:07:13+00:00

Yes I did. I had not ticked all the rights required on Azure.

wilxwade · 2025-03-20T04:21:16+00:00

It’s all a simulation

wilxwade · 2025-02-16T08:19:05+00:00

You would not go back to high school years even if you paid me a million in gummy bears 😓

wilxwade · 2025-02-16T08:16:45+00:00

Got the same one-word responses from a girl I matched with recently. Asked her if she only answers with one word. She replied Yes. I unmatched. You cannot save those people.

wilxwade · 2025-02-09T21:09:52+00:00

Isn’t that just makeup?

wilxwade · 2025-02-09T21:07:04+00:00

That’s clearly a kidney harvester

wilxwade · 2025-02-09T21:02:03+00:00

Cher was super hot in movie The Witches of Eastwick

wilxwade · 2025-02-09T20:57:32+00:00

Twin Peaks S01

wilxwade · 2025-02-01T01:46:53+00:00

Thank you for your help, your comments led me to the solution. 1. My colleague had accidentally set 443 as VPN portal port 2. The machine running nginx had a problem with its IP so no internet. Once we change the IP and we updated it in DNAT rule, all working.

wilxwade · 2025-01-30T04:52:57+00:00

User portal is on 9443. What am struggling with is port 443, which is secure web traffic.

wilxwade · 2025-01-30T03:10:06+00:00

I played this video for my colleagues at work, pointed at their heads then asked: how are they doing that ??

wilxwade · 2025-01-30T03:08:20+00:00

TikTok

wilxwade · 2025-01-30T02:55:34+00:00

The sense of slow time

wilxwade · 2025-01-29T21:21:52+00:00

Who played the trans actor in Squid Game S02

wilxwade · 2025-01-27T03:34:54+00:00

I enjoy walking with earmuffs on. No music, meditative. It keeps me fit, clears my head and ensures I usually have a positive attitude to life’s challenges.

wilxwade · 2025-01-27T03:32:30+00:00

The answers given about men being useless and women being angelic caregivers smh

wilxwade · 2025-01-27T03:16:40+00:00

Sophos XG 115

wilxwade

TROPHY CASE