FortiGate – Sophos IPsec VPN Configuration Part 2

Part 2 covers the VPN tunnel settings on the FortiGate side.

First of all, we create a tunnel with the Custom option, using the wizard in the IPsec Tunnels section under the VPN menu.

After giving the tunnel a name:

1- In the IP Address field, we enter the IP address of the Sophos external interface, which is the peer we will build the VPN with, and in the Interface field we select the WAN interface the VPN will run on. We set a pre-shared key in the Authentication field. We'll use this key on the Sophos side as well.

2- After setting the pre-shared key in the Authentication field, we choose the stage 1 (Phase 1) authentication method. We will set the method chosen as below in the same way on the Sophos side.

3- When we move on to stage 2 (Phase 2), we define the subnets that will communicate in the Local Address (FortiGate) and Remote Address (Sophos) fields.

Then we choose the stage 2 authentication method.
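The three wizard steps above correspond to the following FortiOS CLI configuration. This is an added example, not taken from the original post: the tunnel name, the `wan1` interface, the documentation-range peer address, the subnets, the pre-shared key placeholder and the AES-256/SHA-256/DH group 14 proposals are all assumed values, and whatever is chosen here has to be mirrored on the Sophos side.

```fortios
# Step 1 and 2: peer address, WAN interface, pre-shared key, stage 1 proposal
config vpn ipsec phase1-interface
    edit "to-sophos"
        # WAN interface the tunnel is bound to (assumed name)
        set interface "wan1"
        set ike-version 1
        set peertype any
        # External IP of the Sophos firewall (placeholder, RFC 5737 range)
        set remote-gw 203.0.113.10
        # Encryption/hash and DH group: must be identical on Sophos (assumed values)
        set proposal aes256-sha256
        set dhgrp 14
        # Same key is entered on the Sophos side (placeholder)
        set psksecret REPLACE_WITH_PRE_SHARED_KEY
    next
end

# Step 3: local/remote subnets and stage 2 proposal
config vpn ipsec phase2-interface
    edit "to-sophos-p2"
        set phase1name "to-sophos"
        # Must match the Sophos stage 2 policy (assumed values)
        set proposal aes256-sha256
        set pfs enable
        set dhgrp 14
        # Local address: subnet behind the FortiGate (placeholder)
        set src-subnet 192.168.10.0 255.255.255.0
        # Remote address: subnet behind the Sophos (placeholder)
        set dst-subnet 192.168.20.0 255.255.255.0
    next
end
```

A mismatch in any proposal, DH group, key or subnet pair between the two firewalls prevents the tunnel from coming up, so it helps to record these values next to the Sophos policy before moving on.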

The following steps, covered in part 3, will complete the to-do list on the FortiGate side.

  • Creating a rule in the IPv4 Policy section under the Policy & Objects menu.
  • Creating a target route under Static Route under the Network menu.
