Sophos connect vpn is a feature on Sophos XG firewall that allows an administrator to grant highly secure, encrypted vpn access to remote users, allowing them to access internal network resources over the internet. Similar to Cisco’s anyconnect, Sophos connect client simplies connection setup processes on client’s devices through the provision of client software.
To setup the Sophos connect client, you must have successfully installed your Sophos firewall to connect to the internet and update the firmware to 17.5 GA or above.
Sophos connect vpn setup
Login to the sophos XG firewall, click on firewall management and navigate to the VPN section. Click on the Sophos connect client tab to open the vpn configuration window. Enable Sophos connect client, choose the interface on which vpn connection will be established (preferably the WAN interfae), set your pre-shared key (if you do not have a signed certificate), and add users that will be given sophos connect vpn access. See image below.
Still on the same page, set your pool for VPN users, enter your preferred dns addresses for vpn users and click on apply. Click on the download button to download the sophos connect client software. Also click on the export button to export vpn settings to your PC.
You may also like: Cisco layer2 MPLS with l2tpv3 implementation made easy
On the client’s PC, install the sophos connect windows installer software you downloaded earlier. You will be prompted to import the settings that were exported from the Sophos XG firewall, click on the import button and select the exported file. Once the installation is complete, click on the connect button and enter a user and password to connect. The user must be a valid user that has been created and allowed Sophos connect acccess on the Sophos XG firewall.
Finally, create a firewall rule on the XG Firewall to allow VPN users to access internal network as well as the internet via the WAN interface.
Once connected, you will see a page similar to the one below.