Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 16763 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Generic ovpn config file

Mark Santorelli

Using the Sophos SSL VPN Client, is it possible to have a generic config file so any authorized user can login via the vpn client?

We have mobile tablets that are used by many different users and to add each individual user config will become a management nightmare.  So, is there a way to just have a user authenticate with their username and password without having a separate config file for each user?

Thank you

 

Mark



This thread was automatically locked due to age.
  • 0

    I don't think this is possible using remote SSL since it relies on user certificates. You could just create 1 userprofile that everyone uses but that's not recommended for auditing purposes (or even when not everyone needs access to the same resources).

    You might be able to try another remote VPN protocol (ie PPTP).

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0

    This has been discussed previously on this forum.    The recommended process is:

    • System administrator downloads and installs the VPN client components, which requires privilege.
    • System administrator lowers protection on the configuration folder (only) so that non-privileged users can update it, C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\config
    • Users log into the portal and download the key-update program and run it.   This adds their credentials to the configuration folder.
    • System administator removes old credentials when a laptop is turned in, or on another schedule that is acceptable to the organization.
  • 0 in reply to DouglasFoster

    I agree on this being the best solution, but TS was specifically saying:

    We have mobile tablets that are used by many different users and to add each individual user config will become a management nightmare

    In my opinion it's either everyone using the same account (which I would never allow) or choose another VPN protocol. I don't think the SSL solution can work without the user certificates.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0

    Hi Mark and welcome to the UTM Community!

    You've received two good answers.  In fact, there is an easy way to load dozens of SSL VPN config files all at once on a device.  Go to the 'Users' tab of 'Definitions & Users >> Users & Groups', check the box to the left of the Edit button for all of the users you want to load and, at the top of the column, select "Download SSL VPN packages" from the 'Action' dropdown list.

    Let us know which solution you chose and why.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML