Sangfor VPN vs IPSec VPN
Hello everyone,I have two Sangfor NGFW sites, and both use Dynamic Public IP addresses.
My question is whether it is possible to establish a tunnel using either a Sangfor VPN or IPSec? Anyone has experience on this?
Thanks
yes it is possible, do u have any issue when configure the vpn? can share Yes you can create a tunnel between two sites by Traditional IPSec or by the new Sangfor VPN. I suggest to go with the Sangfor VPN. The only requirements for site to site is a public IP so in your query, you can established a site to site vpn between your two Sangfor NGAF In most cases, VPN tunnels are established between devices using static public IP addresses to ensure consistent connectivity. If your Sangfor NGFW devices have dynamic public IP addresses, you may face challenges in maintaining a stable VPN connection, as the IP addresses may change periodically. There are issues on the connection if your public IPs are dynamic. You must configure it to static Consider using Dynamic DNS services to associate a hostname with the changing IP address. Many routers and firewall devices support DDNS, allowing you to use a hostname rather than a static IP address when configuring the VPN tunnel. Configure the VPN devices to have aggressive keep-alive and reconnect settings. This helps the devices quickly re-establish the VPN connection if the IP address changes. Ensure that the VPN type you choose (e.g., IPSec, Sangfor VPN) is compatible with dynamic IP addresses. Check the documentation or contact Sangfor support for specific guidance on dynamic IP scenarios. The configuration will requires you to have a static public IP. This is a must Hi FahmiAzlanMY,
Yes, it is possible to establish a tunnel using either a Sangfor VPN or IPSec.
Should you encounter any configuration, please feel free to reach out to us at tech.support@sangfor.com, and our support team will be more than happy to assist you.