Guest User!

You are not Sophos Staff.

Thread Info
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 5523 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Secure Connection Sophos -> Windows Server

NvA

Hi,

I've got a UTM 9.35x with a local Windows 2012 Server behind and a remote Windows 2012 Server somewhere open in the internet (no extra firewall)

Both Windows Servers should communicate. I don't like to DNAT the traffic from the outside Windows to local and like it more secure.

What could be a proper and quick solution?

- Site-to-Site VPN IPSec with RRAS

- SSL-VPN (with Client - how to run this as a service?)

- something else?

Thank a lot for any advice

Nathan



This thread was automatically locked due to age.

  • I would create an IPsec Connection in the UTM using the "AES 128 PFS" policy and a Remote Gateway in "Respond only" mode using an X509 certificate.  This is trickier if you haven't followed The Zeroeth Rule in Rulz.  Look in the KnowledgeBase for the "Site-to-Site VPN via X509" guide.  I haven't configured a Site-to-Site with a 2012 Server, but I suspect that it can match what I've suggested.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML