VPN overview

Virtual private networks (VPNs) carry private network traffic over a public network, such as the internet, through secure connections.

You can use VPNs to provide secure connections between networks. You can also establish VPN tunnels between individual hosts, such as the devices of off-site employees, and the internal network.

IPsec VPN

  • Host-to-host and site-to-site IPsec VPNs: Use these policy-based VPNs to connect small networks.
  • Route-based VPN: Use these VPNs to connect large, dynamic networks.
  • IPsec VPN (remote access): Allows remote devices to connect to your network using the Sophos Connect client or the legacy SSL VPN client. We recommend that you use this option instead of the legacy remote access configuration.

SSL VPN

  • Site-to-site SSL VPN: Establishes a TLS connection over HTTPS between two XG Firewall devices in a client-server configuration.
  • Remote access SSL VPN: Allows remote devices to connect to your network using the Sophos Connect client or the legacy SSL VPN client. You can also configure clientless VPNs.

RED tunnels

  • Dedicated RED: These devices (for example, SD-RED) connect a branch office to the head office with a layer 2 connection. The branch office can then act like an extended network of the head office.
  • Firewall RED: Configure an XG Firewall device as a RED device (Firewall RED).