l2tp vpn settings members

Hello, can some, please, explain me the sense of adding members button on the l2tp vpn settings on xg firewall? The l2tp (remote access) section, allows for the creation of multiple profiles each with its own PSK or digital certifcate. How do they go together? I'm using v18 mr4 and, If I set a PSK on an l2tp profile, the PSK in the 'IPSEC (Remote access)' is replaced by this.



Added TAG
[edited by: emmosophos at 9:42 PM (GMT -8) on 16 Feb 2021]
Parents Reply Children
  • Hello ClerpremSpa,

    This isn’t a bug, basically, you are building SA, once you add a wildcard tunnel (*) (By default L2TP shows this) it  isn’t possible for the XG to differentiate the tunnels anymore, you can test this by adding in an IPsec tunnel for Remote Gateway Address (*) it would give you a warning that it will update all of the tunnels with this PSK.

    However, in future releases, you would be able to use identities (Remote/Local), which should solve this problem.

    On IPsec tunnels, you can mitigate also this by using certificates.

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.