
IPSEC site to site VPN, initiator behind router

We are wanting to connect our remote office, which is in a managed/shared office space building, to our head office.
We have no control over the shared office network.

We have an XGS in the managed office space.

The internet connection is supplied by the office space network, so the WAN on the shared office XGS is a local IP provided by the shared office router.
Users are able to browse the internet without issue.

I need to get them access to our head office resources.

The head office has an XGS which is directly connected to the internet.

I am not able to get the Site to Site VPN to connect.

So our network looks like

Settings at the remote site

Settings at Head Office

Seeking your advice on how to get this to connect



Added TAGs
[edited by: Erick Jan at 4:19 AM (GMT -7) on 17 Oct 2024]
  • For anyone looking

    I was never able to get the IPSEC VPN working

    For my interest I have done further testing using the same two Sophos XGS units as per my original post.

    To first of all prove that I didn't have something fundamental wrong in my setup, I connected a 4G modem with a static IP address in the hosted office, updated the IP in the IPSEC VPN settings and it connected without issue. The 4G modem was then removed.

    I then did some further testing. I was able to get an XGS to XGS RED tunnel connected without needing to get any firewall/forwarding rules set up on the managed office network.

    If RED can 'figure out' how to get the connection working, not sure why IPSEC could not.
