This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gaetano_Nicosia
Participant
‎2020-07-22 11:15 PM
Jump to solution

VPN IPSEC between Checkpoint 730 and Sophos xg

Hi,

I need to create a VPN site-to-site with a remote XG Sophos.

However, I must limit access to my network; from the remote network they can only access two servers in my network, example 192.168.10.xxx and 192.168.10.yyy.

Can you suggest me a solution?

Thanks and best regards

Gaetano

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2020-07-23 01:01 AM
Jump to solution

There is a good step-by-step guide found here: https://community.sophos.com/kb/en-us/133305

In step VPN Domain, select Manually defined. We have selected CP_LAN as the internal network behind the CP GW, CP_LAN then consists of 192.168.10.xxx and 192.168.10.yyy...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

5 Replies
G_W_Albrecht
Legend Legend
Legend
‎2020-07-23 01:01 AM
Jump to solution

There is a good step-by-step guide found here: https://community.sophos.com/kb/en-us/133305

In step VPN Domain, select Manually defined. We have selected CP_LAN as the internal network behind the CP GW, CP_LAN then consists of 192.168.10.xxx and 192.168.10.yyy...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Gaetano_Nicosia
Participant
‎2020-07-23 01:04 AM
In response to G_W_Albrecht
Jump to solution

Thank You for feedback.

Gaetano

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2020-07-23 01:16 AM
In response to G_W_Albrecht
Jump to solution

Sorry, my answer was for a GAiA GW, so all the dashboard configuration can not be used ! Just try to follow it as is possible in Embedded GAiA WebGUI...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Gaetano_Nicosia
Participant
‎2020-07-23 01:26 AM
In response to G_W_Albrecht
Jump to solution

No problem. I had already understood that I need to adapt the tutorial to the embedded Gaia WebGui

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2020-07-23 01:56 AM
In response to Gaetano_Nicosia
Jump to solution

Additionally, your XG encoding domain may need to have the SMB Advanced setting VPN Site to Site global settings - Join adjacent subnets in IKE Quick Mode set to false (sk98604).

I also think that many CheckMates would appreciate a short document of how you did succeed in configuration 😉 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top