Course Hero Logo

Sophos certified engineer page 45 of 86 30 configure

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 45 - 48 out of 637 pages.

Sophos Certified EngineerPage 45 of 8630Configure the rule with the following configuration:SettingValueAbout This RuleRule NameTo VPNDescriptionAllow traffic to the VPN zoneRule PositionTopActionAcceptSourceZoneLANDestinationZoneVPNIdentityMatch known usersDeselectLog TrafficLog Firewall TrafficSelectLeave all of the other settings asdefault.In a production environment, you wouldusually limit the services and applyprotection policies.You are creating separate firewall rulesfor traffic that is going to and from theVPN zone so that you do notinadvertently allow other traffic thatshould be managed by another firewallrule.31ClickSave32Click+ Add Firewall Rule >User / Network Rule33Configure the rule with the following configuration:SettingValueAbout This RuleRule NameFrom VPNDescriptionAllow traffic fromthe VPN zoneRule PositionTopActionAcceptSourceZoneVPNDestinationZoneLANIdentityMatch known usersDeselectLog TrafficLog Firewall TrafficSelectLeave all of the other settings asdefault.In a production environment, you wouldusually limit the services and applyprotection policies.34ClickSave
Sophos Certified EngineerPage 46 of 8635Open a new tab in Chrome and navigate toConfirm that you can access this site.You can test the VPN in the otherdirection by browsing to-dc.sophos.localonNew York Server.36Switch back to theLondon Gateway 1WebAdmin37SelectCONFIGURE > VPNin the left-hand menu38Select theSSL VPN (Site to Site)tab39Toggle the VPNOFFthen clickOKOnNew York Server40Loginto the WebAdmin ofNew York Gatewayasadmin41SelectCONFIGURE > VPNin the left-hand menu42Select theSSL VPN (Site to Site)tab43Toggle the VPNOFFthen clickOK44Open a new tab in Chrome and navigate toConfirm that youcannotaccess thissite.Created a simple SSL site-to-site VPN between the head office in London and the branch office in New York.Configured basic firewall rules to allow traffic to and from the VPN zone.Task 4.2Create an IPsec Site-to-Site VPNCreate an IPsec site-to-site VPN between the head office in London and the branch office New York using the wizard. Theconnection has already been configured on New York Gateway.InstructionsNotesOnLondon DC1Loginto the WebAdmin ofLondon Gateway 1asadmin2SelectCONFIGURE > VPNin the left-hand menu3Wizard4NewYork, then clickStart5Select theSite To Siteimage6IKEv27Click the blueNextbutton8Sophos19859Click the blueNextbutton
Sophos Certified EngineerPage 47 of 8610SettingValueLocal WAN PortPortB10.1.1.100IP VersionIPv4Local SubnetLondon-172.16.16London-172.17.17Intranet-172.25.25Local IDDNSlon-gw1.sophos.www11Click the blueNextbutton12SettingValueRemote VPN Server*IP VersionIPv4Local SubnetNewYork-192.168.16Local IDDNSny-gw.sophos.www13Click the blueNextbutton twice14ClickFinish15Click on the redOKOnNew York Server16Loginto the WebAdmin ofNew York Gatewayasadmin17SelectCONFIGURE > VPNin the left-hand menu18Click on the redOKWait for the VPN to establish and theicon to turn green.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 637 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
One
Professor
N/A
Tags
IP address

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture