Hi there,
I am experiencing some issues in relation to an IPsec tunnel between a Sophos XG85 & a Mikrotik RB2011.
I have gotten the IPsec to establish with no issues. I can ping and access all resources from the Mikrotik side; however, from the Sophos side I cannot ping or access any devices on the Mikrotik side.
Sophos range: 192.168.1.0/24
Mikrotik range: 10.50.1.0/24
I believe this is an issue on my Mikrotik side in terms of my firewall rules. Can anyone possibly point me in the right direction in regard to this?
My firewall rules:
Filter:
0 chain=input action=accept protocol=ipsec-esp log=no log-prefix=""
1 chain=input action=accept src-address=192.168.1.0/24 dst-address=10.50.1.0/24 log=no log-prefix=""
2 chain=input action=accept protocol=udp src-port=4500 log=no log-prefix=""
3 chain=forward action=accept src-address=10.50.1.0/24 dst-address=192.168.1.0/24 log=no log-prefix=""
4 chain=forward action=accept src-address=192.168.1.0/24 dst-address=10.50.1.0/24 log=no log-prefix=""
NAT:
chain=srcnat action=accept src-address=10.50.1.0/24 dst-address=192.168.1.0/24 log=no log-prefix=""
I have confirmed with a Sophos engineer that the Sophos side of things looks 100%.
Wondering if anyone here has dealt with this type of setup before!
Thank you!