Sophos XG IPSEC client


We are currently working with Sophos SG and we will migrate to Sophos WG,So I would like to know if can configure a native vpn in android and iOS based on Sophos XG Ipsec Client as is the case with Sophos SG.

Thank you;

  • Hi,

    I did not understand your question here because I am confused about, which Sophos OS are you migrating upon? Are you migrating to Sophos XG Firewall or Sophos Web Gateway? For VPN you can use a native VPN like L2TP on the Android and IOS devices or use Sophos SSL VPN client based on OpenVPN.

    Refer to the following articles and let us know if you have any further doubts:


  • In reply to sachingurung:

    I'm sorry,that was a typo mistake;we will actually migrate to sophos XG.

    We are currently using native vpn in android and iOS with Sophos SG Cisco VPN client,and I wanted to know if it is possible to do it with SophoXG.

    PS:we don't  use OpenVPN.

    Thank you so much;

  • In reply to FZAHRABZ:

    You can only download a client when the Tunnel is SSL for remote access. 


    Site to site VPNs (IPSec or SSL) don't have an agent. 

    You only configure separate boxes the same way.


    SSL Site to site might need you to download from "Server" end, and upload to client end.

  • In reply to ZadokXerxes:

    Thank you.but i'm not asking about site to site vpn.I'm only asking about remote access vpn.

    In Sophos SG we are using Cisco vpn (ipsec client) and we configure it in android and iOS device as a native vpn without having to install i'm asking if we can do the same with Sophos XG

  • In reply to FZAHRABZ:

    You can take a look at our how-to video to setup Cisco configurations in the XG firewall:

    Or refer to the KB article here:


  • In reply to sachingurung:

    Thank you so much.that was useful.but i'd like to have the guidelines to do it with certificates based authentication instead of PSK.

    So far with Sophos SG i download .mobileconfig file from user portal (for ios) and dowload certificates (for android device)..can you tell me if i can do the same in Sophos XG ??

    Thank you in advance.