
Deploying and running SSL VPN on MacOS with split tunnel huge PITA?

We are currently in the process of upgrading our SG to an XG and because of that have to deploy new SSL VPN configs to all our clients. 

In the past we used Tunnelblick as our OpenVPN client of choice, but there is one major issue: in order to import a new config, the user needs admin rights on their machine, which they don't have. We can't deploy the config for the users, because for some reason Sophos took away admins' ability to just download all configs for the backend synced users. (Users only get created on the XG AFTER they log in, not like it was on the SG where they just get prefetched every day.)

So we thought, OK, we're just gonna use the OpenVPN client. But again, for some reason nobody will ever understand, the official OpenVPN client does not set DNS servers that get pushed by the server. So that option is also out the window.

As it stands right now, we have no way to deploy ~250 configs to our clients and have them actually work as intended. 

Has anybody run into this issue before and maybe has a solution? We can't touch 250 clients by hand and install the config with admin rights (like Tunnelblick needs us to). And using a full tunnel (so we don't have the DNS issue) is also not an option.

Thanks in advance!


Cheers



This thread was automatically locked due to age.
  • Can't you install the config in Tunnelblick only for the current user, not system? Probably you'll not get it done the easy way without something like Jamf.

    You probably set up all those 250 machines by hand? Time to get it managed.

  • No, we use Intune to install software. And no, even if you install the config for the current user only, you still need admin rights. You can create and deploy a preconfigured config for Tunnelblick via Intune, BUT as soon as the user runs Tunnelblick for the first time, he gets prompted for admin rights...
    I have to say, I'm kinda disappointed that Sophos does not offer a solution for this. Because we could use the Sophos VPN client that comes with the XG, BUT that doesn't support SSL VPN...