Establish IPsec VPN between Fortigate and Sophos UTM



  This post shows how to create a site-to-site VPN between a Fortigate firewall and a Sophos UTM.





Fortigate configuration :

1- To create the tunnel interface, go to VPN >>> IPsec Tunnels

        Remote Gateway : Static IP
        IP address : Sophos WAN IP (Branch)
        Interface : Fortigate WAN interface (HQ)
        NAT Traversal : Enabled













2- On the same page, choose the authentication settings

       Method : pre-shared key
       Mode : Main
       The key must be the same on both sides.




3- Phase 1 settings
    Encryption : DES
    Authentication : SHA512
    DH Groups : 15,14,2




4- Create Phase 2

     Local Address : Fortigate LAN Network(HQ).
     Remote Address: Sophos LAN Network(Branch).
     Authentication and Encryption : same as the Phase 1 settings.


5- Add a static route (Remote LAN Network to the tunnel interface)



6- Create policies from LAN to the tunnel interface and from the tunnel interface to LAN.



Sophos configuration :

1- From Site-to-Site VPN >>> IPsec >>> Remote Gateway

    Name : To Fortigate (2for)
    Gateway Type : Initiate connection
    Authentication type : Preshared key
    VPN ID type : IP Address



2- From Site-to-Site VPN >>> IPsec >>> Connections

    Name :
    Remote Gateway : the remote gateway created in step 1.
    Local interface : Sophos WAN interface
    Policy : must be the same as on the remote side (Fortigate side).
    Local Networks : Sophos LAN Network



The policy in Sophos is as below, and you can edit it as you want.
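
The requirement that the policy is the same on both sides can be checked before bringing the tunnel up. The script below is an added example, not part of the original post: the Fortigate values come from steps 2 and 3 above, while the Sophos values, the function names and the strength baselines are assumptions. It reports mismatches between the two ends and any agreed parameter below the assumed baselines.

```python
# Added example: pre-flight comparison of the IKE phase 1 settings on both ends.
# DH group sizes are the MODP sizes from RFC 2409 (group 2) and RFC 3526 (14, 15).
DH_BITS = {2: 1024, 14: 2048, 15: 3072}
CIPHER_BITS = {"DES": 56, "3DES": 112, "AES128": 128, "AES256": 256}
MIN_CIPHER_BITS = 128  # assumed baseline, set to your own policy
MIN_DH_BITS = 2048     # assumed baseline, set to your own policy

# Fortigate side: values from step 2 and step 3 of this page.
FORTIGATE = {"encryption": "DES", "authentication": "SHA512",
             "mode": "main", "dh_groups": [15, 14, 2]}
# Sophos side: constructed sample; the page only says it must match Fortigate.
SOPHOS = {"encryption": "DES", "authentication": "SHA512",
          "mode": "main", "dh_groups": [14]}


def compare_phase1(local, remote):
    """Return (agreed, mismatches) for two phase 1 parameter sets."""
    agreed, mismatches = {}, []
    for field in ("encryption", "authentication", "mode"):
        a, b = local[field].upper(), remote[field].upper()
        if a == b:
            agreed[field] = a
        else:
            mismatches.append(f"{field}: {a} vs {b}")
    # Any DH group accepted by both ends can end up being negotiated.
    common = [g for g in local["dh_groups"] if g in remote["dh_groups"]]
    if common:
        agreed["dh_groups"] = common
    else:
        mismatches.append(
            f"dh_groups: {local['dh_groups']} vs {remote['dh_groups']}")
    return agreed, mismatches


def below_baseline(agreed):
    """List agreed parameters weaker than the assumed baselines."""
    findings = []
    enc = agreed.get("encryption")
    if CIPHER_BITS.get(enc, MIN_CIPHER_BITS) < MIN_CIPHER_BITS:
        findings.append(f"encryption {enc}: {CIPHER_BITS[enc]}-bit key")
    for group in agreed.get("dh_groups", []):
        if DH_BITS.get(group, MIN_DH_BITS) < MIN_DH_BITS:
            findings.append(f"DH group {group}: {DH_BITS[group]}-bit MODP")
    return findings


if __name__ == "__main__":
    agreed, mismatches = compare_phase1(FORTIGATE, SOPHOS)
    print("agreed:", agreed)
    print("mismatches:", mismatches)
    print("below baseline:", below_baseline(agreed))
```

Ciphers and DH groups missing from the two lookup tables are not flagged, so extend the tables if your policy uses other values.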


