Sophos Connect

Hello,

I just played around with Sophos Connect.

Does it support NAT-T? 
Will it be possible to use a FQDN instead of the interface IP?

In a customer environment the modem has to run in NAT mode for some reason. So the XGs WAN interface has a internal address.
therefore it is not possible to connect from the internet.

 

Regards 

Maik

  • H iMaik,

    Yes, XG and Sophos Connect support NAT-T. It also supports using a FQDN, but that's only configurable in Sophos Connect Admin utility, currently. Alternately, if you have configured a dynamic dns entry for the interface you are listening on, then it will automatically use the dynamic dns fqdn for the tunnel. 

    In either case, scadmin or dynamic dns, it will work where your firewall has a private wan IP, so long as proper forwarding is configured on the modem in front of your firewall.  

  • In reply to AlanT:

    [deleted]
  • In reply to AlanT:

    Hi, 

     

    Could you please provide some info of how we can enable the nat-t using Sophos Connect Admin utility?

    BR,

    George

     

  • In reply to George Benek:

    Sorry, I should clarify my original answer. you can configure whatever FQDN you setup using scadmin, but NAT-T is not configurable. It's used automatically, when needed. You should see the results in the system log, on whether NAT-T was needed, and why, in the tunnel connection logs.