Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Sophos Central Firewall Manager maintenance scheduled for April 2nd, starting at 3:30am EDT. More info available here.
IPSec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite. It is used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).
Cyberoam’s IPSec VPN offers site-to-site VPN with cost-effective site-to-site remote connectivity, eliminating the need for expensive private remote access networks like leased lines, Asynchronous Transfer Mode (ATM) and Frame Relay. This article describes a detailed configuration example that demonstrates how to set up a site-to-site IPSec VPN connection between the two networks using preshared key to authenticate VPN peers.
Local Network details
Local Server (WAN IP address) – 18.104.22.168
Local LAN address – 10.5.6.0/24
Remote Network details
Remote VPN server (WAN IP address) – 22.214.171.124
Remote LAN Network – 172.23.9.0/24
Site A Configuration
The configuration is to be done from Site A’s Cyberoam Web Admin Console using profile having read-write administrative rights for relevant feature(s).
Name to identify the IPSec Connection
Site to Site
Select Type of connection.
- Remote Access
- Site to Site
- Host to Host
Select policy to be used for connection
Action on VPN Restart
Select the action for the connection.
- Respond Only
Select Authentication Type. Authentication of user depends on the connection type.
Preshared key should be the same as that configured in remote site.
Select local port which acts as end-point to the tunnel
Specify IP address of the remote endpoint.
Local Network Details
Select Local LAN Address. Add and Remove LAN Address using Add Button and Remove Button
Remote Network Details
Select Remote LAN Address. Add and Remove LAN Address using Add Button and Remove Button
Click OK to create IPSec connection.
The configuration is to be done from Site B’s Cyberoam Web Admin Console using profile having read-write administrative rights for relevant feature(s).
Remote LAN Network
The above configuration establishes an IPSec connection between Two (2) sites.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.