Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 39 subscribers
  • Views 2221 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remote SSL VPN. Modify downlodable .OVPN adding custom command.

Luc_GLLM

Good morning everyone,
on sophos XGS I configured the client-site SSL VPN, everything works except the resolution of internal names, probably because our internal windows domain has the same name as a public domain that is not ours (I know it's a bad configuration but that's how I found it), so the client that connects in VPN can't resolve the names of the internal servers.
By downloading the .ovpn profile from the User Portal and modifying it by adding the following parameters, the internal resolution also works:
dhcp-option DNS 192.168.0.251
dhcp-option DNS 192.168.0.248
register-dns
block-outside-dns

it is possible to ensure that the OVPN profile that is downloaded from the user portal already contains these commands, or another way to solve the problem.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Luc,

    Thank you for reaching out to Sophos Community.

    Once set on the SSL VPN Global Setting, the DNS set will be the one configured on the .ovpn that can be downloaded on the User portal. However, the issue is your internal Windows domain has the same name as a public domain, which will cause the resolution to be confused. 

    Another way is to send the edited OVPN manually to the users and advise them to use the following configuration.

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Reply
  • 0

    Hi Luc,

    Thank you for reaching out to Sophos Community.

    Once set on the SSL VPN Global Setting, the DNS set will be the one configured on the .ovpn that can be downloaded on the User portal. However, the issue is your internal Windows domain has the same name as a public domain, which will cause the resolution to be confused. 

    Another way is to send the edited OVPN manually to the users and advise them to use the following configuration.

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

Children
Unfiltered HTML