SOPHOS XG x OpenVPN - Site-to-site

Thiago,

IPSec site to site VPN are a standard and you only need to make sure that the encryption and security settings you configure on one end are the same on the other end. For the network and end IP the order is reversed.

For XG you have the proper KB: https://community.sophos.com/kb/en-us/123140

On google search for the same article for OpenVPN.

If you will be able to establish a site to site VPN, feel free to upload a document/guide here.

Regards

I'm pretty sure that's not what the OP asked. IPSec != OpenVPN. :( Is OpenVPN ever going to be possible with Sophos? This makes me feel uneasy about buying Sophos.

Hi Thiago, 

Just want to clarify , do you wish to use OpenVPN with XG as a Site-to site connection as per the link ? Or you wish to use Remote access Site -to host ? It is possible to use OpenVPN site to site with XG but we have not tested it out. 

I'm still learning and new to Sophos xg but what I can tell is because you use proprietary ecp files instead of ovpn , you cannot setup ssl VPN to work with another device using openvpn even though both devices are technically using openvpn on the inside.

I stumbled upon a feature request with over 500 votes and 7 years of comments to make this possible but nobody from Sophos cared to comment on it :(

Hi Aditya.

Yes, it's a lot like the link scenario. Site-To-Site.

I have read that it's not possible to use because the certification file is proprietary in Sophos Xg and so it's not compatible with OpenVPN.

greetings
Guedes

Hi Thiago, 

That sounds about right. But still I will continue to investigate the possibility and update it further.