Sophos XG Firewall supports VPN failover by letting you set multiple remote endpoints for a single IPsec connection. This protects your VPN connection against the failure of a single endpoint.
In my scenario, the head office (HO) has 1 gateway (GW) and the branch office (BO) has 2 gateways.
- HO Site:
  - GW: 172.16.10.131
  - LAN: HO/24
- BO Site:
  - GW1: 172.16.10.240
  - GW2: 172.16.10.241
  - LAN: BO/24
Configuration
Step 1: Create IPsec Connections at HO
Go to: System > VPN > IPsec > “Add”
- Connection Type: Site to Site
- Policy: DefaultHeadOffice
- Action on VPN Restart: Respond Only
- Authentication Type: Any (Preshared key is my option)
- Endpoints Details:
  - Local: 172.16.10.131
  - Remote: *
- Network Details: Fill in your local and remote networks
Step 2: Create IPsec Connections at BO
Go to: System > VPN > IPsec > “Add”
- Connection Type: Site to Site
- Policy: DefaultBranchOffice
- Action on VPN Restart: Initiate
- Authentication Type: Any (Preshared key is my option)
- Endpoints Details: You need to add a second endpoint pair, one for each BO gateway.
  - Local: 172.16.10.240 - Remote: 172.16.10.131
  - Local: 172.16.10.241 - Remote: 172.16.10.131
- Network Details: Fill in your local and remote networks
Step 3: Activate IPsec Connections
Note: Don’t forget to create a firewall rule for the VPN.
Thanks!