This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gaetano_Nicosia
Participant
‎2020-07-22 11:15 PM

VPN IPSEC between Checkpoint 730 and Sophos xg

Jump to solution

Hi,

I need to create a VPN site-to-site with a remote XG Sophos.

However, I must limit access to my network; from the remote network they can only access two servers in my network, example 192.168.10.xxx and 192.168.10.yyy.

Can you suggest me a solution?

Thanks and best regards

Gaetano

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend
Legend
‎2020-07-23 01:01 AM

Jump to solution

There is a good step-by-step guide found here: https://community.sophos.com/kb/en-us/133305

In step VPN Domain, select Manually defined. We have selected CP_LAN as the internal network behind the CP GW, CP_LAN then consists of 192.168.10.xxx and 192.168.10.yyy...

CCSE CCTE SMB Specialist

View solution in original post

5 Replies
G_W_Albrecht
Legend
Legend
‎2020-07-23 01:01 AM

Jump to solution

There is a good step-by-step guide found here: https://community.sophos.com/kb/en-us/133305

In step VPN Domain, select Manually defined. We have selected CP_LAN as the internal network behind the CP GW, CP_LAN then consists of 192.168.10.xxx and 192.168.10.yyy...

CCSE CCTE SMB Specialist
Gaetano_Nicosia
Participant
‎2020-07-23 01:04 AM
In response to G_W_Albrecht

Jump to solution

Thank You for feedback.

Gaetano

0 Kudos
G_W_Albrecht
Legend
Legend
‎2020-07-23 01:16 AM
In response to G_W_Albrecht

Jump to solution

Sorry, my answer was for a GAiA GW, so all the dashboard configuration can not be used ! Just try to follow it as is possible in Embedded GAiA WebGUI...

CCSE CCTE SMB Specialist
0 Kudos
Gaetano_Nicosia
Participant
‎2020-07-23 01:26 AM
In response to G_W_Albrecht

Jump to solution

No problem. I had already understood that I need to adapt the tutorial to the embedded Gaia WebGui

0 Kudos
G_W_Albrecht
Legend
Legend
‎2020-07-23 01:56 AM
In response to Gaetano_Nicosia

Jump to solution

Additionally, your XG encoding domain may need to have the SMB Advanced setting VPN Site to Site global settings - Join adjacent subnets in IKE Quick Mode set to false (sk98604).

I also think that many CheckMates would appreciate a short document of how you did succeed in configuration 😉 

CCSE CCTE SMB Specialist
0 Kudos