IPsec VPN

You can configure policy-based and route-based IPsec VPNs. You can also configure remote access VPNs.

Remote access VPN: You can establish remote access VPNs using the Sophos Connect client and third-party clients.

Policy-based VPN: Encrypts traffic passing through the listening interface based on the firewall rule and the local and remote subnets in the matching IPsec connection.Route-based VPN: Encrypts traffic passing through the virtual tunnel interfaces that are created during configuration. Routes determine the traffic sent through these interfaces.

Prerequisites for policy-based and route-based IPsec connections: Use the default IPsec policies with phase 1 and phase 2 security settings or create custom policies.

Post-requisites for policy-based and route-based IPsec connections: Optionally, add a VPN failover group to configure redundant tunnels.