How to Configure SSL VPN

-
Guide to config
  • Log on to Sophos XG by Admin account

  • Authentication -> Group -> Click Add


  • Create SSL VPN Group
    • Group Name: Enter Remote SSL VPN Group
    • Surfing Quota: Choose Unlimited Internet Access
    • Access Time: Choose Allowed all the time
-> Click Save


  • Create SSL VPN users
    • Username: Enter vpn’s user
    • Password: Enter SSL VPN user’s password
    • Email: Enter user’s email
    • Group: Choose SSL VPN group which was created before
-> Click Save


  • Hosts and Services -> Choose IP Host
  • With configuration define the intranet layer
    • Name: Enter Local subnet
    • Type: Choose Network
    • IP Address: Import LAN’s IP
-> Click Save
  • With IP configuration defined for SSL VPN Clients
    • Name: Enter Remote SSL VPN range
    • Type: Choose IP range
    • IP Address: Import IP range which you want
-> Click Save


  • VPN -> SSL VPN (Remote Access) -> Click Add
    • Name: Enter Remote SSL VPN policy
    • Policy members: Choose Remote SSL VPN Group
    • Permitted network resource (IPv4): Choose Local subnet
-> Click Apply


  • Authentication -> Services -> Check in SSL VPN Authentication Methods -> In Selected Authentication Server, choose Local

  • Authentication -> Services -> Check in Firewall Authentication Methods -> In Selected Authentication Server -> Choose Local

  • Administration -> Device Access -> Tick in SSL VPN at WAN and LAN -> Click Apply


  • VPN -> Show VPN settings
  • Override hostname: Enter the IP of the end of the SSL VPN tunnel at the site -> Nhấn Apply


  • Firewall -> Click Add Firewall Rule -> Choose User/Network Rule


  • Log on Sophos User Portal: https://ipfirewall:4443

** If you can not download file on User Portal -> Choose Certificates -> Choose Certificates Authorities -> Choose Default to edit Default certificates -> Fill out all information -> Click Save
-> Click Regenerate certificate


  • Choose Download Client and Configuration for Windows -> Install file which was downloaded -> Double click in SSL VPN icon


-> Connect VPN with username and password of SSL VPN user which was created before

Comments

Post a Comment

Popular posts from this blog

Sophos XG: How to config Source NAT Rule

-
Image
Sophos XG: How to config Source NAT rule (may use IP static or dynamic) April 16, 2019 Vincent Sophos 0 This article demonstrates how to create a Source NAT firewall rule so that outbound traffic from the local will use a different static IP address or you can use MASQUERADE to configure SNAT with dynamic IP address. In order to be flexible, businesses don’t need to buy static IP How to configure Login to Sophos XG Firewall by Admin account Create a LAN layer where you want NAT Network -> Interfaces -> Click Add Interface Choose Add Alias Fill in the information You can NAT 1-1 by select only one LAN IP address or multiple LAN IP addresses by selecting the network layer -> Click Save Select Host and Services -> IP Host -> Click Add to create a WAN IP address that you want to user to put NAT in Firewall Rule -> Click Save Firewall -> Click Add Firewall Rule -> Select Business application rule Ch...
Read more

How to Partition Hard Drive Disk without Formatting

-
Image
Why Need Partition Hard Drive Disk partitioning is a process of dividing a hard drive into several partitions - managing the hard disk drive by shrinking, extending, deleting, creating partitions and change partition size, label, even location, etc. Why do we need to partition a hard drive? Here are the common reasons: To make full use of hard drive space, splitting it into several partitions. Operating System update. The changes in computer and hard drive usage. The change of computer users needs. Hard drive partitions first being prepared for saving data, games, system, etc., normally, will be resized, moved, split, merged or created into new partitions in a new format or new size in Windows 10/8/7 or dual boot system. But to partition a hard drive without formatting it is very important for some specific purposes. How to partition hard drive disk without formatting it? Here, both Disk Management and third-party partition manager software can work....
Read more

Migrate Windows vCenter server to vCSA 6.5u1

-
Image
Step 1: Run VMware migration assistant Before beginning the migration, you must run the VMware Migration Assitant on the source vCenter server (I mean the Windows vCenter Server). You can find this tool in the vCSA ISO that you have previously downloaded in <Drive Letter>:\migration-assistant\VMware-Migration-Assistant.exe . This tool starts a web service on the Windows vCenter Server to communicate with the vCSA install program. Step 2: Deploy the vCSA Once you have executed the VMware Migration Assistant on the source, you can mount the vCSA ISO on your favorite Windows computer or server (it must have access to your vSphere infrastructure) and run <DriveLetter>:\vcsa-ui-installer\win32\installer.exe . You can also run the installer from Mac or Linux but I prefer Windows :). In the first window, just click on Migrate . The next screen introduces the migration process. Just click on Next . On the next screen, accept the license agreement ...
Read more