Sophos XG Firewall: How to configure an L2TP connection for Windows 10


  • The article describes how to configure an L2TP VPN connection between a Sophos XG Firewall and Microsoft Windows 10.

Windows 10 configuration

Change the default authentication mechanism to pre-shared key

  • In the search section of the windows 10 desktop, type “firewall” and then click on Windows Defender Firewall with Advanced Security.
  • In the Windows Defender Firewall with Advanced Security, click Propertise.
  • Switch to the IPSec Setting tab and under IPSec Default click Cutomize.
  • Under Authentication method, click Advanced and then click Cutomize.
  • Select the current First authentication method, in this case, it is Computer (Kerberos V5) and click Remove.
  • Click Add to add another First authentication method.
  • In the Add First Authentication Method screen, select Preshared Key and specify the Preshared Key configured in the Sophos XG Firewall.
  • Click OK in all the cascading windows.
    Note: Make sure that IPSec Policy Agent and IKEand AuthIP IPSec Keying Modules in the machine are running without error.

Create the L2TP Connection on the end user’s machine

  • On the desktop, right-click on the Windows button and click on Network Connections.
  • Click on VPN and then click on Add a VPN connection.
  • Configure the following and then click Save.
Parameter Value
VPN provider Windows (built-in)
Connection name Enter a connection name.
Server name or address Enter the hostname or IP address of the XG Firewall.
VPN type L2TP/IPsec with pre-shared key
Pre-shared key Enter the pre-shared key.
Type of sign-in info User name and password
User name (optional) Enter the user name. This is optional.
Password (optional) Enter the password. This is optional.

  • Click on the new connection that was created and then click Connect.
  • Enter the username and password of the L2TP user to connect with the L2TP connection and then click OK.

  • The above configuration establishes an L2TP connection between the Sophos XG Firewall and a Windows 10 machine.

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.