This article shows how to configure an IPSec VPN Site-to-Site connection between two firewall devices, Sophos XG and Fortinet FG.

We need to create a static route on the Fortinet firewall device that sends traffic bound for the Sophos LAN network through the VPN connection we just created.

To create it, go to Network > Static Routes and click Create New.

Configure according to the following parameters:

- Destination: Enter the LAN network of the Sophos XG 85 device as 172.16.0.0/24.
- Interface: Select the IPSec tunnel VPN_FG_2_SOPHOS just created.

We need to create a policy so that the VPN connection can access Fortinet's LAN and vice versa.

To create the policy, go to Policy & Objects > IPv4 Policy and click Create New.

Configure the policy to allow traffic from Fortinet's LAN network to pass through to Sophos's LAN network according to the following parameters:

- Incoming Interface: VLAN-KH (it is interface LAN 1).
- Outgoing Interface: Select the VPN tunnel VPN_FG_2_SOPHOS just created.
- Log Allowed Traffic: Turn on and select All Session.

Configure the policy to allow traffic from Sophos's LAN network to pass through to Fortinet's LAN network according to the following parameters:

- Incoming Interface: Select the VPN tunnel VPN_FG_2_SOPHOS just created.
- Outgoing Interface: VLAN-KH (it is interface LAN 1).

We will create a subnet for Sophos's 172.16.0.0/24 LAN network and Fortinet's 192.168.1.0/24 LAN network.

To create them, in Hosts and services click Add and enter the following information.

To create IPSec policies, go to VPN > IPSec policies and click Add.

Configure according to the following parameters.

Click Save.

To create the connection, go to VPN > IPSec Connection and click Add.

- Authentication type: Select Preshared key.
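
The Fortinet-side static route and the two IPv4 policies described above, written as FortiOS CLI. This is an added example, not configuration from the original article: the address object names, the policy names, `schedule "always"` and `service "ALL"` are assumptions, and `VLAN-KH` is assumed to be the interface name.

```fortios
# Address objects for the two LANs (object names are assumed)
config firewall address
    edit "LAN_FORTINET"
        set subnet 192.168.1.0 255.255.255.0
    next
    edit "LAN_SOPHOS"
        set subnet 172.16.0.0 255.255.255.0
    next
end

# Static route: reach the Sophos LAN through the IPSec tunnel interface
config router static
    edit 0
        set dst 172.16.0.0 255.255.255.0
        set device "VPN_FG_2_SOPHOS"
    next
end

# One policy per direction; "edit 0" lets FortiOS pick the next free ID
config firewall policy
    edit 0
        set name "FG_LAN_to_SOPHOS_LAN"
        set srcintf "VLAN-KH"
        set dstintf "VPN_FG_2_SOPHOS"
        set srcaddr "LAN_FORTINET"
        set dstaddr "LAN_SOPHOS"
        set action accept
        set schedule "always"
        # Assumed value; list only the services the sites need to tighten this
        set service "ALL"
        # Equivalent of Log Allowed Traffic = All Session
        set logtraffic all
    next
    edit 0
        set name "SOPHOS_LAN_to_FG_LAN"
        set srcintf "VPN_FG_2_SOPHOS"
        set dstintf "VLAN-KH"
        set srcaddr "LAN_SOPHOS"
        set dstaddr "LAN_FORTINET"
        set action accept
        set schedule "always"
        set service "ALL"
        set logtraffic all
    next
end
```

Scoping `srcaddr` and `dstaddr` to the two LAN objects keeps the tunnel from carrying traffic for any other network on either side.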