Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 3457 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

From VPC in EU to VPC in US and then to Office

MattMcLane

Here is my situation, 

In US-East I have two VPCS connected via Peering connections to a third Shared Services VPC.  In the shared services VPC I have an AWS Directory Services domain which the computers are joined to.  We have a VPN connected to our office where our local domain is and a Trust relationship connects the two domains.  Using this setup any machine in the three VPCs in us-east can login using the credential in our local directory.  I am not trying to extend this to other regions.

I setup A Sophos UTM and created a VPN to a VPC in eu-west.  This was an easy process and using that tunnel I can join the instance in eu-west to the domain in us-east.  I can't however login to the trusted domain as I can't ping the domain controller across the two VPN tunnels.  I have tried adding all the routes I can think of but nothing so far has worked.  Is this possible to work out, and if so what should I do?  Do I need to create a VPN tunnel from our company office to eu-west?

See attached diagram for reference.



This thread was automatically locked due to age.
  • 0

    Hi, Matt, and welcome to the UTM Community!

    There's not much knowledge here about these things.  What does Sophos Support say about this?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    I haven't spoken with them, we don't have support and I am just evaluating the product to find a solution.

  • 0 in reply to MattMcLane

    Matt, the Sophos pre-sales engineers are all excellent in my experience and they have better access to the developers and others with specialized knowledge than does the Support team.  In the US, you would ask your reseller or Sophos Sales directly for input from pre-sales.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML