Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 26 subscribers
  • Views 2749 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Avaya 9600 IPSec VPN to SFOS XG 17.5

Jhirley Fonte

Hello,

  I am trying to connect an IP SEC phone to an XG firewall.  I was give these article by Richard ( Thank you )

https://community.sophos.com/kb/en-us/131471

I have a few questions:

   1. In the VPN menu on 17.5 : is this created as a IPSEC Connection ( Top left in the VPN menu bar ) or as a Sophos Connect Connection ( Center of VPN menu )?

  • The screen grab looks like Sophos connect is the reason for my question.

  2. The IKE ID ( Group Name ) ,  does this need to be defined as an IP Sec Policy , with matching Phase 1 and Phase 2 ? 

  3. Where are the VPN Logs for the Firewall the ( Logs icon at the top right ) is very brief and only show successful authentication.  Where the good stuff,  key exchange details, MTU negotiation?

All input welcome ,  thank you all in advance..

 



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to lferrara

    lferrara,

    Thank you for this. 

    Now my VPN Clients can connect into the XG(192.168.16.1/24) Lan from my VPN ( 192.168.1.20-20) .

    I have added a FW rule:

    + Sr: VPN: any HOST -  Dest: any Zone any host - * Service Accept

    I have changed the default #Default_Network_Policy

    ~ Sr: LAN: any HOST -  Dest: WAN any host - * Service Accept

    ~+ Sr: LAN: any HOST -  Dest: WAN / VPN any host - * Service Accept

     

    I can Ping 192.168.16.* from 192.168.1.20 

    but I can NOT pink 192.168.1.20 from 192.168.16.1

     

Children