I'm posting in regards to this thread, SSL VPN Gateway chose - Discussions - Sophos (XG) Firewall - Sophos Community. Does anyone have any insights as to how an XG, running recent firmware, lists remote hosts for a SSL VPN client to connect to? Can it be configured?
I have two XG135's in an HA configuration running SFOS 18.5.1 MR-1-Build326 and I'm testing the Connect v2 SSL VPN client with them. The VPN configuration the client downloads from the HA pair lists our backup WAN connection first in the list of interfaces for the VPN client to connect to. Ideally, we'd have the VPN client connect to our primary WAN connection which is fiber-based. I understand that a host override can be set, but doing so limits our VPN clients to a single WAN interface on our XG, thus removing any failover capability.
We discussed this here: https://community.sophos.com/sophos-xg-firewall/f/discussions/132158/ssl-vpn-change-precedence-order-of-network-ports
Thank you for contacting the Sophos Community.
Sophos Connect has the option to set the Gateway order, you can follow this KB.
Also take a look at this community thread