How to save login info in the SSL VPN

Question

Hi, 
 I dont want to enter my login info to ssl vpn client at each time when I connected to vpn. How can I save my login info like fortigate ssl vpn client ?

LuCar Toni · Accepted Answer

Sophos uses OpenVPN for SSLVPN. 
 The OpenVPN Client does not have a secure way to save the password. 
 https://forums.openvpn.net/viewtopic.php?t=27404 
 Hashing the Password would require some mechanism at your own to script. 
 I would recommend to use Sophos Connect (IPsec Client), which can save the password or do not save the password in OpenVPN.

FormerMember · Answer

Hi intrusus, 
 It will update all preshared keys with local peer ID (generally public IP of interface bound) and remote peer which is always * (at least it should be). So In order to prevent this I suggest you to have local and remote ID configured on the IPsec connections before saving this connect client configuration. 
 Thanks,

LuCar Toni · Answer

It depends. 
 Remote Access acts like all "Respond only" IPsec Site to Site tunnel with a Wildcard. 
 XG does not support "PSK Probing". PSK Probing is some sort of technique to try to figure out different PSKs used by different Tunnel in case of Remote Site *. 
 
 Lets assume you have a site to site tunnel configured with respond only and remote gateway is "*" (So basically you dont know). 
 That PSK will be overwritten by Sophos Connect, because XG cannot split this tunnel to all Sophos connect connections coming. 
 
 Best practice is always to use a remote gateway (IP or DNS). Not to use "*". 
 If your other end has a dynamic IP, try to use DDNS.

How to save login info in the SSL VPN

Top Replies