IPSEC S2S VPN behind external firewall

Currently running our 30+ IP-SEC VPNs to 3rd party vendor networks using a Symantec 5420 Gateway Security appliance running v3.0.1 code, which has not been supported for seven years now.

Have an existing Astaro/Sophos software UTM running on a Symantec 5460 box, used to connect to a partner via an MPLS fiber connection.  Just updated the Astaro ASG v8.3 (Symantec 5460 box) to Sophos UTM v9.1.  Want to migrate all VPN tunnels to Sophos v9.1.

On the Sophos UTM, created the first new VPN to a new vendor running a Cisco ASA 55xx box.  He can initiate a VPN connection by pinging my host; however, we can bring up the tunnel on our side when we ping his host.

Could not initiate an IP-SEC tunnel to their remote peer.  Phase 1 was failing because the Sophos UTM is behind our external Internet firewall.


Traffic flow to remote site 
------------------------------------
MyHosts -->  [192.168.1.12_SophosUTM_10.2.3.12]  -->  DMZ-10.2.3.0 -->  [10.2.3.1_EcessaFW_64.1.2.2]  -->  Internet  --> [12.15.15.10_3rdPartyASA] --> 3rdPartyHosts.

Initiate connection to 3rd Party
---------------------------------------
VPN LocalPeers:     64.1.2.2
VPN RemotePeer:   12.15.15.10 
VPN LeftID:           10.2.3.12  


This thread was automatically locked due to age.
  • Hi, Bob, and a belated welcome to the User BB!

    Outside of the developers participating in the beta forums, no Sophos/Astaro employee is paid to monitor or post here.

    Since the hospital has a paid subscription, you should have your reseller open a ticket with Sophos Support to make the change(s) at the command line needed to get leftid="64.1.2.2" placed into your IPsec.conf-default.  Member Coewar posted the solution here two years ago: https://community.sophos.com/products/unified-threat-management/astaroorg/f/58/t/54446

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
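
An added example, not part of the thread and not Sophos code: a small check over ipsec.conf-style text that flags connections whose local address is private while the IKE identity sent to the peer is not the public NAT address, which is the mismatch the reply resolves with leftid="64.1.2.2". The sample config, the connection names and the function names are constructed; it assumes the remote peer expects the public address as the ID.

```python
import ipaddress

# Constructed sample in ipsec.conf syntax, using the addresses from the thread.
SAMPLE_CONF = """\
conn vendor_before
    left=10.2.3.12
    right=12.15.15.10
    authby=secret

conn vendor_after
    left=10.2.3.12
    leftid=64.1.2.2
    right=12.15.15.10
    authby=secret
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} for each 'conn' section."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # drop comments
        if not line.strip():
            continue
        if not raw[0].isspace():               # unindented line starts a section
            parts = line.split()
            is_conn = parts[0] == "conn" and len(parts) == 2
            current = conns.setdefault(parts[1], {}) if is_conn else None
        elif current is not None and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return conns

def nat_id_mismatches(text, public_ip):
    """List (conn, identity) pairs where a NATed endpoint sends a non-public ID."""
    findings = []
    for name, opts in parse_conns(text).items():
        left = opts.get("left", "")
        ident = opts.get("leftid", left)       # leftid defaults to left when unset
        try:
            behind_nat = ipaddress.ip_address(left).is_private
        except ValueError:
            continue                           # %defaultroute, hostnames: out of scope
        if behind_nat and ident != public_ip:
            findings.append((name, ident))
    return findings

if __name__ == "__main__":
    for conn, ident in nat_id_mismatches(SAMPLE_CONF, "64.1.2.2"):
        print(f"{conn}: peer will see ID {ident}, expected 64.1.2.2")
```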