This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall connecting to NordVPN

Sophos Firewall connecting to NordVPN

Hi

I'm user of Untangle at my home/homelab. I'm trying Sophos Firewall to see if i switch from Untangle to Sophos Firewall.
I'm from Brazil but i live in Canada, because of my country of origin i have to use an VPN like NordVPN to "tell" to brazilian service providers (like banks, governement sites and etc.) that "i'm in brazil".


So not having a way to connect to a VPN service like Nord VPN and route my trafic over NordVPN can be a deal breaker.


I researched and i'm not sure if its possible or not possible to do this.


Can you tell me if i can connect to an VPN service like NordVPN and route my trafic over there in Sophos Firewal?


I think i have the newest version, i started to test it yesterday.

Thanks guys.



This thread was automatically locked due to age.
Parents Reply Children
  • Hi,

    Sophos has inbuilt VPN clients to setup inter firewall traffic eg RED etc.

    Let us take a different way of looking at the issue. NORDVPN is an application ,to be able to run an application you need to be able to install the application which implies read/write/execute permissions on critical directories, Sophos does not allow users to write to critical directories.

    Then you need to launch the the application, configure it. NORDVPN is an end user application.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Sophos it's not capable of act like an VPN client in any way shape or form?

    I'm not an expert, but as far as I can tell, no. Sophos can only act as a "remote access" VPN server to connect to it from the outside world. It does support split and full tunneling, but it won't do what you're asking, which is be a VPN gateway to connect to NordVPN

  • That's an start. NordVPN accepts connections from standard VPN Clients, you don't have to use the NordVPN application.

    So can I configure Sophos as an VPN Client to connect to an OpenVPN Server or an IKEV2 Server? If yes, I will be able to make Sophos connect to NordVPN servers.

  • Let me explain this as well as I can. I believe what you're referring to is a SOCKS proxy where you input the "anonymous" server's IP and port number into your client's internet settings or your browser settings, so that your traffic appears to be coming from the location of the proxy server (Brazil, China, Russia, Canada, ect). 

    Anyway, you cannot do this from within Sophos itself. This question has been asked multiple times by many people. Maybe a good option for you is to look into installing NordVPN on a raspberry Pi or on a spare PC and use it as a VPN gateway.

  • No, it's not that at all.

    Let's Imagine an scenario to explain better.

    Imagine that my house it's an branch office, and NordVPN it's the main office.

    In the main office I have an OpenVPN (or IKEV2) server. I want to use Sophos on my branch office to make an always on VPN to my main office as an VPN Client. After the VPN tunnel it's on, I want to route all my internet traffic through my main office.

    It's that possible?

  • I'm having trouble understanding that analogy. Let me ask what you want to do:

    You want to be able to use Sophos XG as a VPN client to encrypt your traffic using NordVPN? No you cannot do that. You cannot "install" the correct software to be able to do that.

    Let me give you an example of what you CAN do:

    You CAN set up a VPN server on Sophos so that you can connect TO it from wifi hotspot at Starbucks, using VPN client software on your iPhone, or laptop, and then tunnel out of the Sophos VPN server back into the world wide web using your home's internet connection while maintaining an encrypted tunnel so that your browsing cannot be eavesdropped on by Mr. Hacker.

    You CAN set up a VPN server on Sophos so that you can access your home's IP cameras, NAS storage, file/FTP server using Sophos' own VPN client software or OpenVPN software.

  • The XG can terminate VPNs from most sources provided the connection meets the XG security requirements. The XG can originate VPNs to other VPN termination points as long as the connection meets XG security requirements.

    The XG firewall rules will pass a VPN connection through to a PC or server on your LAN assuming the firewall rule is setup correctly.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • do you have the link of the documentation on how to do that? I mean configure Sophos to connect to an VPN server and to configure the firewall rule to direct the traffic?

    Sophos can be an OpenVPN client or only IKEV2?

    Thanks.

  • Hi,

    please try searching the support documents in this url. I searched, but possibly looking at the wrong information.

    support VPNs

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.