Under Sophos Connect client, click Download for Windows. Alternatively, users can download the Sophos Connect client from the user portal as follows:
You can download the Sophos Connect client installer from the Sophos Firewall web admin console and share it with users. To establish remote access SSL VPN connections, users must install the Sophos Connect client on their endpoint devices and import the. Install and configure Sophos Connect client on endpoints Users can resolve domain names through VPN if you've specified the firewall for DNS resolution in VPN settings. Users can ping the firewall's IP address through VPN to check connectivity. VPN: After users establish a VPN connection, they can access the user portal through the VPN. They can then download the VPN client and configuration from the user portal. WAN and Wi-Fi: Users can access the user portal from the WAN and the internal Wi-Fi zone. This allows remote users to establish SSL VPN connections. You must give access to some services for remote users from the required zones. For Destination networks, select the IP host you've created for the permitted network resources.These hosts contain the IP addresses leased to remote users who've established a connection.įor Destination zones, select the zones of the resources you want to give remote access to. Click Add firewall rule and New firewall rule.įor Source networks and devices, select #ALL_SSLVPN_RW or #ALL_SSLVPN_RW6.Go to Rules and policies > Firewall rules.Go to VPN > SSL VPN (remote access) and click Add.Įnter a name and specify policy members and permitted network resources.These users are allowed to access resources on the local subnet. You create a policy that allows users in the Remote SSL VPN group to connect. If required, you can also update the subnet mask. When SSL VPN clients connect to Sophos Firewall, it assigns IP addresses from the address range you specify here. Specify an IP address range for SSL VPN clients Scroll to SSL VPN authentication methods.Ĭheck that the authentication server is set to Local. Under Firewall authentication methods, check that the authentication server is set to Local.Īlternatively, you can select an authentication server, such as the Active Directory server you've configured under Authentication > Servers. Sophos Firewall then acts as the authentication server. In this example, you set the firewall and SSL VPN authentication methods to local authentication. Go to Authentication > Users and click Add.Go to Authentication > Groups and click Add.In this example, users in the group are allowed unlimited access. The group specifies a surfing quota and access time. You create a user group for the remote SSL VPN and add a user. Go to Hosts and services > IP host and click Add.Įnter a name and network for the local subnet.The local subnet defines the network resources that remote clients can access. Import the configuration file into the client and establish the connection.Install the Sophos Connect client on their endpoint devices.See Sophos Connect client: Compatibility with platforms. For these endpoints, you can use the OpenVPN Connect client. It also doesn't support mobile platforms for IPsec and SSL VPN. Alternatively, users can download it from the user portal.Ĭurrently, the Sophos Connect client doesn't support macOS for SSL VPN. Send the Sophos Connect client to users.To configure and establish remote access SSL VPN connections using the Sophos Connect client, do as follows: Alternatively, configure an authentication server. Configure IP hosts for the local subnets.The Sophos Connect client allows you to enforce advanced security and flexibility settings, such as connecting the tunnel automatically. Users can establish the connection using the Sophos Connect client. You can configure remote access SSL VPN connections. Configure remote access SSL VPN with Sophos Connect client Mar 17, 2023 Your browser doesn’t support copying the link to the clipboard. It will remain unchanged in future help versions. Create an L2TP remote access connectionĪlways use the following when referencing this page.Create a remote access SSL VPN with the legacy client.Install the Sophos Connect client through GPO.Import VPN provisioning file through GPO.Install and configure Sophos Connect client on endpoints.Specify an IP address range for SSL VPN clients.Configure remote access SSL VPN with Sophos Connect client Configure remote access SSL VPN with Sophos Connect client On this page.Configure IPsec remote access VPN with Sophos Connect client.