Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 6548 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec VPN to Amazon VPC

bug
Hello, All.  I recently installed Sophos UTM 9 for testing.  My goal is to route an Amazon VPC subnet to one of my data center subnets.

The first thing I noticed was that there is no longer an option to download a Sophos configuration file in the VPC Management Console.  Does Amazon no longer support this option?

I proceeded by instead downloading the generic configuration and configuring an IPsec VPN on Sophos UTM 9.  I am able to get a green VPN link:

AWS VPN 1   [1 of 1 IPsec SAs established]
SA: 10.0.0.0/24=128.***.***.***     72.***.***.***=10.11.12.0/24
VPN ID: 128.***.***.***
IKE: Auth PSK / Enc AES_CBC_128 / Hash HMAC_SHA1 / Lifetime 28800s / PFS MODP_1024 / DPD
ESP: Enc AES_CBC_128 / Hash HMAC_SHA1 / Lifetime 3600s

Cheers.


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to bug
    Nope, still supported AFAIK...

    If you do not set the routing option for the VPN Connection to Dynamic Routing (BGP routed) as opposed to Static, it doesn’t show up in the list… when you go to download the configuration...
    as BGP client it does.

    I had this happen to me some time ago, forgot which way to set it.

    I've attached a screenshot showing the proper setting.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to bug
    So has Amazon dropped Sophos support for VPC VPN config downloads?


    I'd like to know the answer to this. I followed this guide:

    https://aws.amazon.com/articles/1909971399457482

    but on Step 4, Sophos is no longer listed as a vendor and the generic export isn't in the xml format required by the UTM.
Unfiltered HTML