Hi
Is it possible to setup OPNsense appliance as a VPN Site2Site to Sophos XG firewall SSL OpenVPN server?
Has anyone managed this setup to work reliably or is this just theoretical ?
Regards
Yannis Terzakis
Oh sheesh, the XG Firewall... one of my favorites.
It's already a fight to keep an IPsec Tunnel from OPNsense to XG Firewall with a few SAs running... /kinda/ stable. Can't even imagine how incredibly annoying an SSL VPN tunnel will be.
So, I suggest to use IPsec, at least it kinda works, with IKEv2 and RSA PSK (Public Key) it's also pretty stable. Short lifetimes are a must, I use 2000s rekey time in phase 1 and 500s rekey time in the children (phase2).
Hi Monviech and thank you for your comment.
I am sure IPsec is the best all-around solution but there are too many OpenVPN tunnels installed using Sophos XG firewall and I want to do a gradual migration.
Regards