Sophos XG: Configuring Site-to-Site SSL VPN

 

This article will guide to create a SSL Site-To-Site VPN between two Sophos XG Firewall. This VPN solution is very easy to configure while ensuring security with many cryptographic settings.
You can only create site-to-site SSL VPN tunnel between 2 XG devices.

Server Configuration:

  • Log into the Webadmin
  • Go to System > VPN > SSL VPN (Site to Site)
  • Click “Add”  in Server, and fill your information

Capture

  • After Save all, you will back to previous page.
    Click the download arrow button to download a file that you will use to configure the client. It will download a file in .apc or .epc with encryption. I suggest using encryption type

Client Configuration:

  • Log into the Webadmin
  • Go to System > VPN > SSL VPN (Site to Site)
  • Click “Add”  in Client, and upload your configuration file which downloaded from server (apc/epc)

cap2

  • Don’t worry with option Use HTTP Proxy Server & Override Peer Hostname if it is in gateway mode.
  • Save and wait a minute

Finally, I maked a video to describe the steps for that. EASY!

Thanks!

 

 

Be the first to comment

Leave a Reply