Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 835 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN

Fadi_Hamamdeh

Dears,

I have DSL router (source internet) and i have (fixed public ip), and xg firewall.

i want create vpn site to site from our side to other side(company).

How I can create vpn from our side to other side. but our source internet from dsl router (connection between dsl router and xg firewall is private IP).

ip dsl router 192.168.1.1/24

ip firewall 192.168.1.2/24

i have fixed public ip when connect to internet from isp

regards,



This thread was automatically locked due to age.
Parents
  • 0

    Hi Fadi_Hamamdeh

    Please forward all the ports for IP 192.168.1.2 on your dsl router or you can configure dsl router in bridge mode to get static public IP on Sophos XG.

    To configure IPSec site to site VPN with other company follow the below link and share the Branch office VPN Policy to other side of the company with remote and local subnet details 

    https://support.sophos.com/support/s/article/KB-000036746?language=en_US 

    Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    thanx,

    after configure dsl router in bridge mode, wan ip for sophos xg is 192.168.1.2?

    when configure vpn site to site I use Local gateway is 192.168.1.2?

  • 0 in reply to Fadi_Hamamdeh

    Wan ip will be whatever was on the router or maybe even a new address issued by your isp dhcp server.

    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Hello Fadi,

    if you have access to your ISP router (means you have a pasword and can login to administrate this device), then I would prefer routing instead of bridging. You have to define what is called an "exposed hosts" to pass the packets from outside to the Sophos firewall. The 192.168.1.0/24 is yourr transfer network, then. The VPN-definition takes the public IP from your ISP in this config as well.

    If your ISP-router is not manageable by you (aka "black box"), you would need to go with bridging.

    This way, your firewall "WAN" port gets the same IP address as your ISP-router and acts like if it is directly connected to the internet.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to jprusch

    thanx,

    ISP-router is not manageable, i will configure similar picture attachedhttps://ibb.co/7Q2PhtD

Reply Children
Unfiltered HTML