Sophos Firewall: How to set a Site-to-Site IPsec VPN connection using a.

When doing a Site-to-Site VPN with split tunneling you must configure as follows:

Create a tunnel group on the ASA using the public peer address of your remote site, assign characteristics to the tunnel group (i.e. L2L), then assign a PSK. PSKs must match on both sides of the tunnel.

    tunnel-group X.X.X.X type ipsec-l2l

Create a transform set:

    crypto ipsec ikev1 transform-set (whatever your crypto / hashing / encryption)

Create an ACL identifying the traffic to go through the tunnel; it also prevents that traffic from being NAT'd by the ASA:

    access-list (Name) permit ip 10.10.10.0 255.255.255.0 10.10.20.0 255.255.255.

If PFS is used in Sophos Firewall, then it must be turned on in Cisco ASA also.
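The three things the steps above say must line up (PSK, PFS, and the ACL subnets) can be checked before the tunnel is brought up. The following is an added example, not part of the original post: the peer address, object names, key, the second subnet mask and the `SOPHOS_SIDE` fields are constructed placeholders, and the ASA text is assumed to be a config export with the key unmasked.

```python
import ipaddress
import re

# Constructed ASA snippet (peer address, names and key are placeholders).
ASA_CONFIG = """\
tunnel-group 203.0.113.10 type ipsec-l2l
tunnel-group 203.0.113.10 ipsec-attributes
 ikev1 pre-shared-key ExamplePSK-not-real
access-list S2S-SOPHOS extended permit ip 10.10.10.0 255.255.255.0 10.10.20.0 255.255.255.0
crypto map OUTSIDE-MAP 10 match address S2S-SOPHOS
crypto map OUTSIDE-MAP 10 set peer 203.0.113.10
"""

# Hypothetical description of the Sophos side, typed in by the operator.
SOPHOS_SIDE = {
    "psk": "ExamplePSK-not-real",
    "pfs": True,
    "local_subnet": "10.10.20.0/24",   # LAN behind the Sophos Firewall
    "remote_subnet": "10.10.10.0/24",  # LAN behind the ASA
}

def parse_asa(text):
    """Extract PSK, PFS state and crypto-ACL subnet pairs from ASA config text."""
    psk = re.search(r"^\s*ikev1 pre-shared-key (\S+)", text, re.M)
    pfs = re.search(r"^crypto map \S+ \d+ set pfs\b", text, re.M)
    acl = re.findall(
        r"^access-list \S+ (?:extended )?permit ip (\S+) (\S+) (\S+) (\S+)",
        text, re.M | re.I)
    nets = [(ipaddress.ip_network(f"{s}/{sm}"), ipaddress.ip_network(f"{d}/{dm}"))
            for s, sm, d, dm in acl]
    return {"psk": psk.group(1) if psk else None, "pfs": bool(pfs), "acl": nets}

def check_tunnel(asa_text, sophos):
    """Return a list of mismatches between the ASA config and the Sophos side."""
    asa, problems = parse_asa(asa_text), []
    if asa["psk"] is None or asa["psk"] != sophos["psk"]:
        problems.append("PSK differs between ASA and Sophos")
    if asa["pfs"] != sophos["pfs"]:
        problems.append("PFS setting differs between ASA and Sophos")
    # The ASA ACL must be the mirror image of the Sophos local/remote subnets.
    want = (ipaddress.ip_network(sophos["remote_subnet"]),
            ipaddress.ip_network(sophos["local_subnet"]))
    if want not in asa["acl"]:
        problems.append("crypto ACL does not mirror the Sophos subnets")
    return problems
```

Run against the constructed snippet, `check_tunnel(ASA_CONFIG, SOPHOS_SIDE)` reports the PFS mismatch, because the sample crypto map has no `set pfs` line while the Sophos side has PFS enabled.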