This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Having trouble setting up IPSec connection for site to site VPN

I am trying to set up an IPSec connection so that I can use  site-to-site VPN. The server that I am connecting to is not another Sophos router. I have been given the necessary files for this (certificates, keys). I'm able to successfully connect to the VPN using these certificates by connecting through openvpn. Now I want to configure the Sophos router so that this remote site will be accessible. I tried to upload the certificate/key in Certificates --> Add but it doesn't show up when I am trying to add the certificate in VPN --> IPSec Connections --> Add --> Local Certificate. I also don't have the checkmark next to the certificate in the Authority field. When I try to add a new certificate authority I don't see an option that corresponds to the "Issued-to" field of my certificate authority .crt file.

If anyone has any recommendations it would be greatly appreciated. Also, please correct me and ask for more information if necessary because this is my first time doing something like this so I have quite a bit to learn. Thank you!



This thread was automatically locked due to age.
  • Hi  

    Since the CA of the certificate added in XG is not trusted, you're not able to select the certificate in VPN --> IPSec Connections --> Add --> Local Certificate.

    First, you will need the green checkmark in the Authority field against that Certificate to use it in different options in XG. If the checkmark is not there, it simply means that XG does not have the CA of that certificate in Certificate Authorities. You may add an external CA using this KBA and then add the certificate, which should then be available for selection.