Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to modify target Host for IPsec remote access

With Sophos Connect Admin I can modify Target host definition for IPSec remote access connection.

With XG I can do same already on XG for SSL VPN (Override hostname). However, I cannot override hostname for IPSec remote access configuration via Web-console.

As we use VPN portal connections get deployed automaticly to clients. Manually modifying connection via Sophos Connect Admin and deploy them is almost useless as they get overwritten by VPN portal anyway.


How can I manually modify on file level hostname for IPSec connections?



This thread was automatically locked due to age.
Parents Reply
  • That's not right. You can (have to) update as I've mentioned in my question already with Sophos Connect Admin. There you replace IP from Interface by fqdn. That is always required if XG is not the boarder firewall or has a privat IP on WAN interface.
    That is a quite common setup if XG runs with DSL modem.

Children
  • Hi  Similar discussion was raised in the below thread -  RE: Remote access VPN IPsec - Gateway/Address in SCX/Provisioning file 

    Unfortunately on the GUI as of now no such settings or options are there to define the hostname to push it in an automated way in the config file of Remote access IPSec VPN. So You can submit your Feature Request using the in-product feedback in the Sophos Firewall located in the Top Menu Bar.



    You can also log a support case to raise a feature request which you can track it later with your account manager/local sales presentative or TAM.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

  • Thanks, bud we did raise a feature request for that over 2 years ago already (as idea.sophos.com was not suspended). However, we do not want to wait for implementation but find a workaround now.

    Therefore my question again:


    How can I manually modify on file level hostname for IPSec connections?

    We got similar solution already for SSL-VPN config file as there also need to be done some changes in config file on XG as they are not available in GUI.

  • Hi  Thanks for the update on the feature request part, to confirm workaround details officially on this one, I would suggest logging a support case, so the Support team can help further 1) To link any existing FR with your account for this requirement if there are any or will create new FR and will link with your account 2) Technically progress the case further internally to confirm workaround possibilities and to update you further on same.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.