{"id":517,"date":"2020-04-27T22:48:39","date_gmt":"2020-04-27T19:48:39","guid":{"rendered":"http:\/\/as7ablog.com\/kinan\/?p=517"},"modified":"2020-03-28T17:57:34","modified_gmt":"2020-03-28T14:57:34","slug":"sophos-xg-site-to-site-vpn-with-other-fw-failed","status":"publish","type":"post","link":"http:\/\/as7ablog.com\/kinan\/?p=517","title":{"rendered":"Sophos XG Site-to-Site VPN with Other FW Failed"},"content":{"rendered":"\n<p dir=\"ltr\">Seems the method of using certificate-based connection won&#8217;t work with non-Sophos firewall.<br>I had to switch to shared-phrase in order to make it work.<br>Not sure if that problem is due to old firmware\/device on the other side or is it compliance issue.<\/p>\n\n\n\n<p dir=\"ltr\">However, I had to go on the VPN settings on both firewalls and make sure all settings at both sides are exactly the same.<br>Finally, I decided to switch back to pre-shared key instead of the certificate-based authentication between the two appliances.<br>The moment I set the key on the initiator, the tunle immediatly came up.<\/p>\n\n\n\n<p dir=\"ltr\">HTH some1,,,<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Seems the method of using certificate-based connection won&#8217;t work with non-Sophos firewall.I had to switch to shared-phrase in order to make it work.Not sure if that problem is due to old firmware\/device on the other side or is it compliance issue. However, I had to go on the VPN settings on both firewalls and make [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[4],"tags":[30,50,29,51],"class_list":["post-517","post","type-post","status-publish","format-standard","hentry","category-4","tag-firewalls","tag-security","tag-sophos","tag-vpn"],"_links":{"self":[{"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=\/wp\/v2\/posts\/517","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=517"}],"version-history":[{"count":2,"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=\/wp\/v2\/posts\/517\/revisions"}],"predecessor-version":[{"id":533,"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=\/wp\/v2\/posts\/517\/revisions\/533"}],"wp:attachment":[{"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=517"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/as7ablog.com\/kinan\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}