Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/sophos-firewall/20.0/Help/en-us/webhelp/onlinehelp/index.html?contextId=remote-access-VPN-IPsec-legacy

IPsec (legacy)

IPsec (legacy) is a retired remote access VPN and isn't supported in SFOS 22.0 MR1 and later.

You can't upgrade to SFOS 22.0 MR1 and later if the firewall contains the legacy remote access IPsec configuration. You must delete the configuration, then upgrade.

You can restore backups and import configurations that contain the legacy remote access IPsec configuration, but this legacy configuration isn't migrated.

Tip

We recommend that you configure remote access connections using one of the following options:

Existing legacy connections

  1. To establish a remote connection using this option, remote users must have a third-party VPN client.
  2. Go to the connection you configured, and download the .tar file. Extract the .tgb file, and share it with users.
  3. Users must import it to the VPN client on their endpoint devices.