
How to access an SFTP server from behind a production firewall through an IPSec tunnel created in the perimeter firewall?

Hello everyone! This is the first time I have written in the community, and I don't know if this is the correct way to do it. I appreciate the help you can give me.

I have this situation with a customer (Customer B in the image). This customer is allowed to have only SFTP traffic from the SFTP Client computer. So far I have had no problem allowing out through the production firewall to specific IP addresses to pull files through SFTP.

But now there is a new vendor (Customer A in the image) that requires this file exchange to be exclusively through an IPSec VPN Tunnel.

I have no problem creating the Site to Site between both perimeter firewalls. Where I'm stuck is how do I allow the SFTP Client computer to pull files from Customer A's SFTP Server, but through the Site to Site VPN at the perimeter firewall, when this computer is behind the production firewall. The SFTP Client computer is inside a High Security Area and only pull SFTP traffic is allowed.

My customer has Sophos XG firewalls and the vendor has Cisco ASA.

Any help or suggestion will be highly appreciated.

Thanks,

Jose A.


