Firewall
To create a site-to-site tunnel between a UTunnel VPN server and a Sophos firewall, you
will need to meet the following prerequisites.
Once the prerequisites are ready, log in to your UTunnel dashboard and click on the
‘Site-to-Site’ option at the top center.
Select the option ‘TUNNEL BETWEEN REMOTE ENDPOINTS’ and key in the
configuration parameters as described below.
Next, you need to define the local and remote subnets that will be routed through the
tunnel.
SUBNETS BEHIND LOCAL: Here, you define the networks that are behind the UTunnel
server.
If you want to route the traffic from the roaming users' devices to the remote subnet
through the tunnel, you will need to explicitly define the roaming users' subnets in
LOCAL. The default subnets are given below. If you use custom subnets for
roaming VPN users, update them accordingly.
IKEV2 - 172.16.152.0/24
OpenVPN UDP - 172.16.156.0/24
OpenVPN TCP - 172.16.164.0/24
SUBNETS BEHIND REMOTE: Here, you define the networks behind the Sophos firewall.
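An added example (not UTunnel or Sophos code) that checks planned LOCAL and REMOTE subnet lists before you enter them: it reports which of the default roaming pools listed above are missing from LOCAL and flags any LOCAL/REMOTE overlap. The function name and the sample subnets are assumptions constructed for illustration, and the overlap check goes beyond what the guide itself states.

```python
import ipaddress

# Default roaming-user pools, as listed in the guide above.
ROAMING_POOLS = {
    "IKEV2": "172.16.152.0/24",
    "OpenVPN UDP": "172.16.156.0/24",
    "OpenVPN TCP": "172.16.164.0/24",
}


def _nets(cidrs):
    # strict=True rejects entries with host bits set (e.g. 192.168.1.1/24),
    # a common typo when filling in subnet fields.
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]


def _covered(pool, nets):
    # A pool is covered if some LOCAL entry of the same IP version contains it.
    return any(n.version == pool.version and pool.subnet_of(n) for n in nets)


def check_selectors(local, remote, roaming=ROAMING_POOLS):
    """Hypothetical helper: return (uncovered_roaming, overlaps).

    uncovered_roaming: roaming pool names not contained in any LOCAL subnet,
                       so those clients would not reach the remote side.
    overlaps:          (local, remote) pairs that share address space, which
                       makes routing between the two sides ambiguous.
    """
    local_nets, remote_nets = _nets(local), _nets(remote)
    uncovered = [
        name for name, cidr in roaming.items()
        if not _covered(ipaddress.ip_network(cidr), local_nets)
    ]
    overlaps = [
        (str(l), str(r))
        for l in local_nets for r in remote_nets if l.overlaps(r)
    ]
    return uncovered, overlaps


if __name__ == "__main__":
    # Constructed sample values, not taken from the guide.
    local = ["10.10.0.0/16", "172.16.152.0/24"]
    remote = ["192.168.10.0/24"]
    missing, clash = check_selectors(local, remote)
    print("Roaming pools missing from LOCAL:", missing)
    print("LOCAL/REMOTE overlaps:", clash)
```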
Now, you can click on the START button and start configuring the tunnel on the Sophos
Firewall.
Log in to your Sophos firewall as an admin user. First, we need to create a custom
IPsec policy to use with the UTunnel tunnel.
For that, click on the VPN option in the left side panel and go to IPsec policies at the top
right.
Name the policy UTN_IKEv2 and select IKEv2 as the key exchange. Set the other
configuration parameters as below.
Click Save.
Now, we have to create the tunnel. Click on the VPN option in the left side panel. Navigate
to IPsec connections and click on the Add button.