Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to force endpoint to use VPN - block internet access until VPN connected?

Hi there

Is there a way with Sophos VPN Endpoint software or other Sophos software) to block internet access for a remote corporate user (on their corporate device) until such time as they connect to the Sophos XG SSL VPN? 

So in essence as well as disabling split tunnelling we would like to ensure the endpoint cant even connect to the internet until the VPN to the corporate network is up?



This thread was automatically locked due to age.
Parents Reply Children
  • It is actually hard to force a client to stay always connected to the VPN.

    Sophos Connect / Sophos SSLVPN cannot archive this.

    The Endpoint by Sophos could manage the Firewall of the Client to block the access to other facilities to likely push the user to connect.

    But it is not a true "Always on" experience. 

    __________________________________________________________________________________________________________________

  • Thanks Lucar - do you have any detail on how the Endpoint by Sophos can manage the firewall of the client to block access to internet and allow it only via VPN connection?