Management, Networking, Logging and Reporting VPN IPSec Policy

UTM Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 4 replies
Subscribers 3 subscribers
Views 10121 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN IPSec Policy

B.R.O. over 7 years ago

Where do you set the exchange attribute of the IKE on the UTM? Where do you set Main Mode or Aggressive Mode?

This thread was automatically locked due to age.

+1 CS over 7 years ago

Hi B.R.O.

Have a look at this document: https://community.sophos.com/kb/de-de/117624

Maybe it helps.

CS

Sophos Certified Architect (UTM + XG)
Cancel
Vote Up 0 Vote Down

Cancel
0 B.R.O. over 7 years ago in reply to CS

Is is going to mess up my vpn ipsec policies if I change the IP address of the UTM after creating all of them?

I have the UTM on my network so I can see the old firewall and the UTM side by side to copy firewall settings to the UTM.
Cancel
Vote Up 0 Vote Down

Cancel
+1 CS over 7 years ago in reply to B.R.O.

B.R.O. said:

Is is going to mess up my vpn ipsec policies if I change the IP address of the UTM after creating all of them?

I have the UTM on my network so I can see the old firewall and the UTM side by side to copy firewall settings to the UTM.

No, it's no problem. Interface IP is only an attribute of the interface object. If you change the object, all relations (like IPSec) are still active.

You should not delete and re-create it!

Sophos Certified Architect (UTM + XG)
Cancel
Vote Up 0 Vote Down

Cancel
0 B.R.O. over 7 years ago in reply to CS

I totally understand! When I was working on the XG, I tried bridging the WAN and that had the same effect of deleting and re-creating the interface which wiped out all my vpn policies. I am glad it will be no problem.
Cancel
Vote Up 0 Vote Down

Cancel