From d27fdf0fde283c898212f537136ec0ca280f0e45 Mon Sep 17 00:00:00 2001 From: Nicole Rappe Date: Fri, 9 Aug 2024 16:28:21 -0600 Subject: [PATCH] Update Networking/Sophos/IPSec Site-to-Site VPN Tunnel.md --- .../Sophos/IPSec Site-to-Site VPN Tunnel.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/Networking/Sophos/IPSec Site-to-Site VPN Tunnel.md b/Networking/Sophos/IPSec Site-to-Site VPN Tunnel.md index 62b2bb9..d87e62a 100644 --- a/Networking/Sophos/IPSec Site-to-Site VPN Tunnel.md +++ b/Networking/Sophos/IPSec Site-to-Site VPN Tunnel.md @@ -39,21 +39,21 @@ Navigate to "**Configure > Site-to-Site VPN > Add**" !!! tip "Best Practices - Initiators / Responders" If you have a hub-and-spoke network, where one location acts as a central authority (e.g. domain controllers, auth servers, identity providers, headquarters, etc), you will set up the central "hub" as a VPN responder on its side of the VPN tunnel, and all the remote "spoke" locations would behave as VPN initiators. -``` mermaid -graph TB - Responder((Responder)) - Initiator1((Initiator 1)) - Initiator2((Initiator 2)) - Initiator3((Initiator 3)) - Initiator4((Initiator 4)) - Initiator5((Initiator 5)) + ``` mermaid + graph TB + Responder((Responder)) + Initiator1((Initiator (Remote Site))) + Initiator2((Initiator (Remote Site))) + Initiator3((Initiator (Remote Site))) + Initiator4((Initiator (Remote Site))) + Initiator5((Initiator (Remote Site))) - Responder --> Initiator1 - Responder --> Initiator2 - Responder --> Initiator3 - Responder --> Initiator4 - Responder --> Initiator5 -``` + Responder --> Initiator1 + Responder --> Initiator2 + Responder --> Initiator3 + Responder --> Initiator4 + Responder --> Initiator5 + ``` !!! note "Tunnel IDs / Subnets" If one side of the tunnel indicates a Local ID, you need to input that as the Remote ID on the other end of the tunnel. While Tunnel IDs are generally optional, if one side uses them, both need to.