Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site to site vpn from XG using broadband router with dynamic ip

All,

I am setting up a test network where i need to connect my sophos XG firewall to one of the cloud services we intend to use using site to site ipsec vpn.

My Sophos XG is sat behind a broadband router and is NAT from the broadband router to the WAN port on the XG.

I cannot put the broadband router in bridge mode at the moment. DDNS is not supported by the cloud provider. 

I am being told if i establish DMZ to the XG it should pass all traffic through and be able to hold the site to site VPN.

Any inputs would be appreciated.



This thread was automatically locked due to age.
  • Iara20,

    Ipsec works on the wan port and on XG you can configure ddns under the network menu.

    Once the tunnel is up, you need to create firewall rules where you can decide which resources the other end can access.

    Here the kb for Ipsec and ddns.

    Regards