Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 3 subscribers
  • Views 4140 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site to site VPM - mesh topology

Shaun Raven

Good afternoon,

 

I have several UTM sites currently connected via VPN in a star topology.  I'm looking at moving these to a Mesh topolgy, but I'm having trouble finding examples on how to do this.  Can anyone point me in the right direction please?

 

Thanks in advance.



This thread was automatically locked due to age.
Parents
  • +1

    Hi, Shaun, and welcome to the UTM Community!

    In fact, the star topology is the more-complex.  Mesh just means having a separate tunnel from each site to each other site, so I'm confused about what it is you're asking.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • +1

    Hi, Shaun, and welcome to the UTM Community!

    In fact, the star topology is the more-complex.  Mesh just means having a separate tunnel from each site to each other site, so I'm confused about what it is you're asking.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Ah - I see.  Sorry for the confusion.  I've always configured Sites in a star topology... ;)

    I think I was getting myself confused between a mesh topology and network availability groups - thanks for the clarification.

  • 0 in reply to Shaun Raven

    In IPsec site-to-site configurations where you have two WAN connections at site A, you will want to use an Interface Group in the IPsec Connection.  At site B, you will want to use an Availability Group in the Remote Gateway 'Gateway' field.  Be careful that the Availability Group has the same order as the Interface Group.  I'm using this approach in several places, including a client in Virginia with five locations where each has two WAN connections.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML