
Setup IPSec Site to Site VPN between Sophos and Cyberoam

Hi 

I have one Sophos on which I need to configure a site-to-site VPN to the other side. The other side uses Cyberoam. My Sophos site uses a dynamic WAN IP address. I tried to set up a VPN between these sites but failed. What is the proper way to establish this setup?



This thread was automatically locked due to age.
  • That knowledge base article gets you 80% of the way to a working VPN, depending on your firmware and setup. I tried that over and over and it failed repeatedly because I didn't yet know the following bits.

    Once you do that knowledge base article step by step... then I did this

    https://community.sophos.com/kb/en-us/123600

     

    • Once you have done all of that, and still can’t connect, you want to do 2 things. First, on the Cyberoam go to VPN -> Policies (you will see a rundown of all the columns for each IPsec policy; be sure to ADD columns to see all, OR you can choose to click on the policy your VPN is using).

    • On the Sophos go to VPN --> IPSEC Policies and look at the policy the VPN is using.

    • THESE two policies need to be IDENTICAL. What I did was on the Sophos, I created a new policy and made it exactly like the Cyberoam, since “branchheadoffice” policy did not match the ‘branch remote office’ policy.

    • As you’re doing this, you can see which part of the process is failing if you SSH into your Sophos, open advanced terminal (option 5, option 3) and look at the log: tail -f /log/charon.log (this will tell you where in the negotiation you’re seeing a failure).

    • So after making the two policies IDENTICAL, and changing the shared key to be identical, and all of that, I still couldn’t connect until, on the Sophos, I set the key exchange to IKE V1.

    Suddenly the VPN could finally connect and all started working.

    Hope that helped.
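
Added example, not part of the reply above: one way to turn the charon.log check into a quick triage of which setting to compare first. It assumes the log lines carry the standard IKE notify names (RFC 2408 / RFC 7296); the function names and the sample log lines are constructed for illustration, and the hints are starting points, not a diagnosis.

```shell
#!/bin/sh
# classify_charon: read charon log text on stdin and print one hint per
# kind of IKE failure found. Matches on IKE notify names only (assumption:
# the log records them verbatim).
classify_charon() {
    awk '
        /NO_PROPOSAL_CHOSEN/ {
            hit["proposal"] = "encryption/hash/DH group/PFS differ between the two IPsec policies" }
        /AUTHENTICATION_FAILED|INVALID_HASH_INFORMATION|PAYLOAD_MALFORMED/ {
            hit["auth"] = "shared key or peer identity likely differs between the two sides" }
        /INVALID_ID_INFORMATION|TS_UNACCEPTABLE/ {
            hit["ids"] = "local/remote subnets do not mirror each other" }
        /INVALID_MAJOR_VERSION/ {
            hit["version"] = "IKE version differs; set the same key exchange (IKEv1 in the post) on both ends" }
        END {
            # Fixed order so the output is stable across awk implementations.
            n = split("proposal auth ids version", order, " ")
            for (i = 1; i <= n; i++)
                if (order[i] in hit) print order[i] ": " hit[order[i]]
        }
    '
}

# Constructed sample lines (timestamps, thread ids and address are made up;
# 203.0.113.10 is a documentation address).
sample_log() {
    cat <<'EOF'
Jan 01 10:00:01 12[IKE] initiating Main Mode IKE_SA to 203.0.113.10
Jan 01 10:00:01 12[IKE] received NO_PROPOSAL_CHOSEN error notify
Jan 01 10:05:09 07[IKE] received INVALID_ID_INFORMATION error notify
EOF
}

sample_log | classify_charon
```

On the firewall itself the same function can be fed the file named in the post, for example `classify_charon < /log/charon.log`.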