Netgate Discussion Forum

    Problem with Microsoft office sites / IPSEC VPN from pfsense to Sophos

    • ITAKM

      Hi Community,

      I really appreciate your help!

      I have a problem with opening Microsoft Office sites when the traffic is passing through an IPsec VPN connection between 2 sites.

      Let’s explain the situation.

      I have two sites: the first with pfSense 2.7 as firewall, the second one with Sophos XG 210 V18.5.

      For some reasons, I created a site-to-site IPsec VPN from site Pf to site Sophos for passing internet traffic, so a user who wants to connect to the internet in site Pf should pass from pfSense -> VPN -> Sophos, navigate the internet and return.

      In other words, the traffic from site PF to the internet should pass into the VPN to Sophos and go to the internet; the public IP should be the public IP of Sophos.

      This configuration works perfectly with all sites except Office and collaboration sites (Outlook, OneDrive, SharePoint...).

      With some searching, I found that I must change the MSS and MTU on the VPN interface on the pfSense side to look like the Sophos side (1480, 1440), and check « Block private networks and loopback addresses »; see Image1.

      With this configuration the problem is solved, but for 5-15 minutes, OR/and if the user reconnects to her session, the issue returns.

      Can anyone help me understand the missing configuration?

      If you have questions to better understand the situation, you can ask me.

      Thanks.
      Image1.jpg
