Site-to-site VPN
This chapter describes how to configure the site-to-site VPN settings of Sophos UTM. Site-to-site VPNs in Sophos UTM are realized by means of Virtual Private Networks (VPNs), which are a cost-effective and secure way for remote networks to communicate confidentially with each other over a public network such as the Internet. They use the cryptographic tunneling protocol IPsec to provide confidentiality and privacy of the data transmitted over them.
Cross Reference – More information on how to configure site-to-site VPN connections can be found in the Sophos Knowledge Base.
The Site-to-site VPN overview page in WebAdmin shows all configured Amazon VPC, IPsec, and SSL connections and their current status. The state of each connection is indicated by the color of its status icons. There are two types of status icons. The larger icons next to the connection name show the overall status of a connection. The colors mean:
- Green – All SAs (Security Associations) have been established. Connection is fully functional.
- Yellow – Not all SAs have been established. Connection is partly functional.
- Red – No SAs have been established. Connection is not functional.
The smaller icons next to the tunnel information report the status of that tunnel. Here the colors mean:
- Green – All SAs have been established. Tunnel is fully functional.
- Yellow – The IPsec SA has been established, but the ISAKMP SA (Internet Security Association and Key Management Protocol) is down. Tunnel is fully functional.
- Red – No SAs have been established. Connection is not functional.