How to Configure SSL VPN
Guide to config
** If you can not download file on User Portal -> Choose Certificates -> Choose Certificates Authorities -> Choose Default to edit Default certificates -> Fill out all information -> Click Save
-> Click Regenerate certificate
-> Connect VPN with username and password of SSL VPN user which was created before
- Log on to Sophos XG by Admin account
- Authentication -> Group -> Click Add
- Create SSL VPN Group
- Group Name: Enter Remote SSL VPN Group
- Surfing Quota: Choose Unlimited Internet Access
- Access Time: Choose Allowed all the time
- Create SSL VPN users
- Username: Enter vpn’s user
- Password: Enter SSL VPN user’s password
- Email: Enter user’s email
- Group: Choose SSL VPN group which was created before
- Hosts and Services -> Choose IP Host
- With configuration define the intranet layer
- Name: Enter Local subnet
- Type: Choose Network
- IP Address: Import LAN’s IP
- With IP configuration defined for SSL VPN Clients
- Name: Enter Remote SSL VPN range
- Type: Choose IP range
- IP Address: Import IP range which you want
- VPN -> SSL VPN (Remote Access) -> Click Add
- Name: Enter Remote SSL VPN policy
- Policy members: Choose Remote SSL VPN Group
- Permitted network resource (IPv4): Choose Local subnet
- Authentication -> Services -> Check in SSL VPN Authentication Methods -> In Selected Authentication Server, choose Local
- Authentication -> Services -> Check in Firewall Authentication Methods -> In Selected Authentication Server -> Choose Local
- Administration -> Device Access -> Tick in SSL VPN at WAN and LAN -> Click Apply
- VPN -> Show VPN settings
- Override hostname: Enter the IP of the end of the SSL VPN tunnel at the site -> Nhấn Apply
- Firewall -> Click Add Firewall Rule -> Choose User/Network Rule
- Log on Sophos User Portal: https://ipfirewall:4443
-> Click Regenerate certificate
- Choose Download Client and Configuration for Windows -> Install file which was downloaded -> Double click in SSL VPN icon
-> Connect VPN with username and password of SSL VPN user which was created before
Comments
Post a Comment