Sophos XG Firewall
To configure the tunnel in the Sophos XG Management Portal:
-
Log in to the Sophos XG Management Portal with the Administrator account.
-
Add a local and remote LAN object:
-
Go to Hosts and Services > IP Host, click Add and enter these:
Field
Enter
Name Name for the object. IP Family IPv4 Type Network IP Address Your local network and subnet. -
Repeat step a to add a remote LAN object:
Field
Enter
Name Name for the object. IP Family IPv4 Type Network IP Address Your remote network and subnet.
-
-
Create an IPsec VPN connection:
-
Go to VPN > IPsec Connections and select Wizard.
-
In the Name field, enter a name for the connection, and click Start.
-
For Select a connection type, select Site To Site and select Head Office.
-
From the Authentication type list, select Preshared key.
-
In the Local subnet field, enter the local LAN created earlier in the procedure.
-
In the Remote subnet field, enter the remote LAN created earlier in the procedure.
-
From the User Authentication list, select Disabled.
-
Review the IPSec connection summary and click Finish.
-
-
Set Status to Active.
-
Add two firewall rules to allow the VPN traffic:
-
Click Firewall and click Add Firewall Rule.
-
In the Name field, enter a name for the rule.
-
In the Description field, enter LAN-VPN.
-
In the Source section:
-
In the Source zones field, enter LAN.
-
In the Source network and devices field, enter local subnet.
-
-
In the Destination &services section:
-
In the Destination zones field, enter VPN.
-
In the Destination networks field, enter Harmony SASE_LAN.
-
-
Click Save.
-
Add the second firewall, click Firewall and click Add Firewall Rule.
-
In the Name field, enter a name for the rule.
-
In the Description field, enter VPN-LAN.
-
In the Source section:
-
In the Source zones field, enter VPN.
-
In the Source network and devices field, enter Harmony SASE_LAN.
-
-
In the Destination &services section:
-
In the Destination zones field, enter LAN.
-
In the Destination networks field, enter local subnet.
-
-
Click Save.
-