IPSEC between pfsense and Sophos XG
I'm beginning to pull my hair out over this. We are a group of schools, each school has a Sophos XG and I'm trying to configure an IPSEC tunnel from each school to our datacentre which is running a pfsense box.
As it stands only 1 school out of the 13 will stay connected, the others will disconnect at various intervals. I have to log back into the XG and disconnect and then reconnect. When this happens 1 phase 2 connection (on the XG) is still alive, but the others turn red. It still shows multiple connections on pfsense.
I've looked at the key settings and they are identical; strangely enough, they aren't on the connection that stays up.
Any tips on troubleshooting the above issue, or at least where to start?
Second to this, I'm configuring 2 local (XG end) VLANs to connect to our DC via the IPSEC tunnel. Now if I add another local subnet, it then connects to each and every subnet. This isn't what I would like; I would like local subnet (subnet a) to only be connected to remote subnet a. Hopefully that makes sense.
In the below example, this creates 8 tunnels instead of the 4 wanted.