Dear Community,
I am new to Sophos and have been tasked with moving services from a Watchguard device to an XGS2100 (21.0).
I am having difficulty with successfully connecting an IPsec VPN to a 3rd party vendor. The vendor requires a host-to-host connection to pull data from our local server based on the provided parameters, and I followed the following Sophos guides to set it up, including:
https://support.sophos.com/support/s/article/KBA-000003878?language=en_US
The status of the IPsec connection is shown to be active but when I attempt to connect I keep receiving this error:
I have followed and tried a number of solutions from Sophos guides to community posts but continue to receive this error.
The scenario and connection settings as currently configured are below:
My network is on the right with the XGS2100, the 3rd party network is on the left using an unknown FW. Public IPs are not actual IPs.
3rd Party provided configuration parameters:
Remote Gateway IP from 86.53.50.193
Remote Destination IP from 217.41.198.67/32
I configured a Host2Host VPN (Policy Based) between them both.
Created IP hosts
Created IPsec Profile
VPN Tunnel setup
Firewall rules configured:
Outbound - Source [LAN, My-Server] Destination [VPN, 3rd-PARTY] Any service
Inbound - Source [VPN, 3rd-PARTY] Destination [LAN, My-Server] Any service
Enabled Ping on VPN zone for testing.
Viewing VPN log viewer I get
and
Does anyone have an idea? Thanks in advance.
Edited TAGs
[edited by: Erick Jan at 12:17 AM (GMT -7) on 4 Apr 2025]