This discussion has been locked.

VPN IPSec Tunnel between Fortigate and Sophos XG with DDNS

Hello everyone, I need help with a project I am working on:

We need to set up a VPN tunnel between 2 sites, let's say HQ and Branch.

HQ has a Fortigate 80D with a Static IP, Branch has a Sophos XG (Cyberoam Cr25iNG upgrade) with dynamic IP.

I have been asking around and I've been told that we could keep the dynamic WAN IP on the Sophos XG and configure the Fortigate in Dial-up mode, but I am not sure it would work in our setup because it's HQ that requires remote access to the branch, and the server at branch has to sync its AD to the server at HQ. 

I am looking into Dynamic DNS as a solution. It seems to be supported, but I need real-life feedback to anticipate potential issues: has anyone tried this? What should I prepare to make sure it works? Any alternative solution?



  • Good afternoon,

    I have this configuration implemented between Fortinet and Sophos and it works without any problem.

  • Hello, sorry for the late reply, I got off work. Thank you for the reply. Can you give me more details:

    - Are you using dynamic DNS on the Sophos? If yes, is it from one of the proposed vendors or Sophos's own DDNS service?

    - On the Fortinet side, did you have to tweak some settings to make it work? I have been reading other posts, and people often report issues with the AES encryption level (using 128 bits instead of 256) or IPS (throughput issue).
