We will migrate our Fortigate to Sophos XG, and one of our requirement is to create a IPsec site to site with Sophos XG 3300 ( as HUB or Head office) to small FortiGate in client branches (as Spoke).
The problem is, I don't see any KB/Doc about creating it with unknown remote gateway which mean the hub accepts connections from peers with appropriate encryption and authentication settings.
I estimate there will be a 150 or more branches that will be connected to it, and the WAN IP are dynamically assigned by their ISP.
If your familiar with FortiGate firewall, the goal is setup is like a DialUp User IPsec tunnel in Sophos XG.
This thread was automatically locked due to age.