Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gaetano_Nicosia
Participant
Jump to solution

VPN IPSEC between Checkpoint 730 and Sophos xg

Hi,

I need to create a VPN site-to-site with a remote XG Sophos.

However, I must limit access to my network; from the remote network they can only access two servers in my network, example 192.168.10.xxx and 192.168.10.yyy.

Can you suggest me a solution?

Thanks and best regards

Gaetano

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend

There is a good step-by-step guide found here: https://community.sophos.com/kb/en-us/133305

In step VPN Domain, select Manually defined. We have selected CP_LAN as the internal network behind the CP GW, CP_LAN then consists of 192.168.10.xxx and 192.168.10.yyy...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

5 Replies
G_W_Albrecht
Legend Legend
Legend

There is a good step-by-step guide found here: https://community.sophos.com/kb/en-us/133305

In step VPN Domain, select Manually defined. We have selected CP_LAN as the internal network behind the CP GW, CP_LAN then consists of 192.168.10.xxx and 192.168.10.yyy...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Gaetano_Nicosia
Participant

Thank You for feedback.

Gaetano

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Sorry, my answer was for a GAiA GW, so all the dashboard configuration can not be used ! Just try to follow it as is possible in Embedded GAiA WebGUI...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Gaetano_Nicosia
Participant

No problem. I had already understood that I need to adapt the tutorial to the embedded Gaia WebGui

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Additionally, your XG encoding domain may need to have the SMB Advanced setting VPN Site to Site global settings - Join adjacent subnets in IKE Quick Mode set to false (sk98604).

I also think that many CheckMates would appreciate a short document of how you did succeed in configuration 😉 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events