Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 4969 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG to XG VPN

Ben Newall

Hi

I am just looking for some opinions on the quality/reliability of IPSEC VPN connections between two XG devices? Has anyone got experience of this and if so, are there any known issues to look out for?

We are currently running an XG230 at HQ connected to two Draytek Vigors at the branch offices. We are contemplating replacing these Drayteks with XG115's as the branch offices are only 10 user sites.

I am particularly interested in "beefing up" the IPSEC security algorithms in use since the Drayteks are quite limited and don't support the latest settings. However the most important factor is reliability, we have had a fairly reliable run with the Drayteks. I have seen plenty of weird things happening with IPSEC before using other vendors/devices so I am keen to hear first hand how well this setup works.

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    Hey Ben,

    Since you are connecting an XG to an XG, have you looked at the option of utilizing a RED site-to-site tunnel?

    Regards,

    Florentino
    Director, Global Community & Digital Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.
    The Award-winning Home of Sophos Support Videos! - Visit Sophos Techvids
  • 0 in reply to FloSupport

    Yeah we bought one for each site over a year ago and had nothing but trouble with them. They don't operate on the same "network layer" as a VPN. I still don't know to this day what the problem was  but the symptoms were that roughly 3/4 times a day all staff would lose their connection to the head office due to a huge bandwidth spike. After numerous calls to Sophos support they didn't have a clue what was causing the bandwidth spikes and couldn't even point me in the general direction of how I could find out myself.

    We went back to using the IPSEC site-site VPN's with the Drayteks and everything was peachy again.

    Anyone want to buy a RED (practically brand new)? [:D]

  • 0 in reply to Ben Newall

    Hi Sir Ben,

     

    Good day!

     

    I could also suggest a Traffic Shaping policy for VPN and make the priority as a highest priority this will make the VPN connection better but if there is/are no VPN requests/traffic the bandwidth will be utilized on other services.


    Warm Regards,

    Deo Angelo P. Lim | Technical Manager - Philippines

    Sophos Certified Architect | Sophos Certified Sales Consultant | Cyberoam Certified Network Security Professional

    ARMLINK COMPUTER CENTER

    M +63 917 720 2755

    E deo@armlinkccs.com

    Skype: deoangelo.lim

Reply
  • 0 in reply to Ben Newall

    Hi Sir Ben,

     

    Good day!

     

    I could also suggest a Traffic Shaping policy for VPN and make the priority as a highest priority this will make the VPN connection better but if there is/are no VPN requests/traffic the bandwidth will be utilized on other services.


    Warm Regards,

    Deo Angelo P. Lim | Technical Manager - Philippines

    Sophos Certified Architect | Sophos Certified Sales Consultant | Cyberoam Certified Network Security Professional

    ARMLINK COMPUTER CENTER

    M +63 917 720 2755

    E deo@armlinkccs.com

    Skype: deoangelo.lim

Children
No Data
Cookie Information Banner