Device Configuration : Configure : VPN : VPN Wizard set-up
VPN Wizard set-up
The VPN Wizard takes you step-by-step through the configuration of VPN connection between two managed devices simultaneously.
1. Go to Device Configuration > Configure > VPN > VPN Wizard and click Add.
* On clicking Add, the VPN Wizard starts which contains the following three sections:
a. Select Device
b. Device Details
c. Security Information
2. Select the managed Head Office and Branch Office devices respectively based on the description shown below.
Head Office
Select Device
Select the Head Office device from the drop-down list of available devices.
* Only one device can be selected as the Head Office device.
* The list of available devices shows only those added devices which are Connected and Synchronized with Sophos Central Firewall Manager.
Tunnel Name
Specify name to identify the tunnel for Head Office.
IP Family
Specify the IP type of the Head Office device subnet or Local End Point.
Description
Provide description for the Head Office device.
Branch Office
Select Devices
Select the Branch Office device from the drop-down list of available devices. You can select multiple devices at a time.
Description
Provide description for the Branch Office device.
3. Configure connection details for the Head Office and Branch Office devices respectively.
Head Office Device
Policy
Select policy to be used for Head Office VPN connection. To create a new policy or go to Device Configuration > Configure > VPN > IPSec page.
Local End Point
Select Local WAN port of the Head Office device from the list.
IP/Domain
Specify IP Address or domain name of the selected Head Office device.
Subnet
Select Local LAN Address of the Head Office device. Click Add IP Host to create a new IP Host.
Branch Office Devices
Policy
Select policy to be used for Head Office VPN connection. To create a new policy or go to Device Configuration > Configure > VPN > IPSec page.
* Select a policy that is compatible with Head Office Policy.
Local End Point
Select Local WAN port of the Head Office device from the list.
Override End Point
Select to override interface assignment and specify the Default End Point interface for all selected devices. Alternatively, you can create dynamic interfaces for each device. To add more interfaces, click the icon to add more dynamic interfaces.
Subnet
Specify Local LAN Subnet for each managed Branch Office device.
4. Specify Security Information.
Specify Preshared Key for Head Office and all Branch Office devices.
* Preshared Key should be of minimum 5 characters.
5. Click Finish to save the settings. On completing the VPN Wizard, all IPSec connections will be created. The connections can later be managed from the VPN Wizard main page.