Sophos SG and XGS to Draytek IPSec Site2Site VPN

Hi,

I might share a config comparison of Site-to-Site IPSec VPN tunnels between Sophos SG (also the newer Sophos XGS below) and Draytek Vigor 29xx series routers. It was a trial-and-error guessing game with all the parameters, but I finally matched them, and in the absence of this exact combination it might come in handy to someone.

First, there is an old Sophos SG-115 and a Draytek Vigor 2925 router.

Sophos obviously supports only IKEv1, so that's what needs to be selected on Draytek. Remote network on Sophos must match Local network on Draytek under Remote Gateway config:

Now, IPSec parameters are defined on Sophos under Policies. I suggest you create your own IPSec Policy. The image below will help you match settings on Sophos with settings on Draytek:

As you can see, I created the tunnel to have Sophos as Server (Respond-only) and Draytek as Dial-out (Initiator). But there were situations where I resolved the random disconnect issues by just reversing the roles.

Will post XGS config later...