During the last phase of IPSEC VPN configuration between Fortigate and Sophos, the adjustments made on Sophos side consist of the adjustments to be made in the IPSEC section under the Site-to-Site VPN menu.
In the 1st step
creating the Remote Gateway connection under Site to site VPN -> ipsec->.
At this stage, we give a name to the fields below, respectively, in the Name field.
In the Gateway type section, we select initiate connection option.
In the Gateway section, we define the Fortinet WAN ip address.
With the Authentication type: preshared key option, we write the password we set on the Fortinet side in this section.
Finally, the other party’s internal ip subnet range is entered in the Remote networks section.
In the second step
under Site to site VPN -> ipsec->, click the New IPsec Connection option in the connections tab.
Gives a name in the Name field.
The previously created Fortinet WAN address is selected in the remote gateway section.
In the local interface section, the SOPHOS WAN leg we have determined on the Fortigate side is selected.
The authentication method we set on the Fortigate side in the Policy section is applied in this field.
Finally, in the Local Networks section, the SOPHOS internal ip subnet range that we want to communicate with is determined.
If everything is fine with the last processes, the status of the ipsec vpn we have created can be seen in Site-to-site VPN Tunnel Status under Site to site VPN.
Likewise, we can observe the status of the connection in the IPsec Monitor section under the Monitor menu on the Fortigate side.