Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Azure Site-to-Site VPN - Between Sophos in Azure and On-prem Firewall

i have a Sophos Firewall configured in Azure to protect the Virtual Servers and need configuration steps for Site to Site configuration between Sophos configured in Azure and On premises Firewall.

Please guide me with the configuration.


I have attached the Topology for reference.

This thread was automatically locked due to age.
Parents Reply
  • Thanks for the response. but again the document refers the configuring S2S between two dedicated firewall which has a public IP configured in WAN interface. but in Azure, there is no public IP assigned in the WAN interface. Please look at the attached diagram for reference.

  • XG in Azure will use the same mechanism like a XG behind a NAT Gateway.


    First of all, you have to decide, which Site should initial the connection.

    You should consider to use a public DNS Record. Azure will give you one, as far as i know. 


    So if you want to connect from Azure to On Prem XG, simply build up the tunnel from Azure (initial connection) to on prem. 

    Or vise versa. It is up to you. 


