Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 275 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

COMUNICATION BEETWEN VPN SITE TO SITE

Paola Vazquez

Hello, I am writing to resolve an issue.

Currently I have a scenario like the one I show in the image. I have communication with two sites through vpn site to site with an xg550 firewall, however I want to achieve communication between site 2 with site 3, this can be done through a vpn site to site?, or it is better to do it independently , however in site 2 and 3 I have internet but private, do I necessarily need a public IP somewhere?

I need have communication between vlan 48 with vlan 48



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi Paola, Thanks for reaching out to Sophos Community.

    Yes, it is possible to allow communication between your site2 and site3 over the IPsec tunnel via site1 Firewall and we have a document guide available right here explaining the steps: Sophos XG Firewall: How to create a hub and spoke IPsec VPN.

    Although, You can achieve independent communication between these 2 sites (site2 & site3) just by having a publicly accessible IP on any one of the locations and keep the location with public IP as the responder. 

Reply
  • FormerMember
    0 FormerMember

    Hi Paola, Thanks for reaching out to Sophos Community.

    Yes, it is possible to allow communication between your site2 and site3 over the IPsec tunnel via site1 Firewall and we have a document guide available right here explaining the steps: Sophos XG Firewall: How to create a hub and spoke IPsec VPN.

    Although, You can achieve independent communication between these 2 sites (site2 & site3) just by having a publicly accessible IP on any one of the locations and keep the location with public IP as the responder. 

Children
No Data