
SSL VPN - One connection to 3 sites

Hi.

I need to implement a feature where my client can use the Sophos client with a single connection profile (a single imported .ovpn SSL VPN file) but pointing to 2 different locations. If the first IP fails, it will establish itself in the second; however, the IPs are from 2 different Sophos devices.

Since authentication is based on the certificate (in addition to the username and password), is there a way to create or import the same certificate on these two devices?

The idea would be for the file to contain:

connect-retry 10
connect-retry-max 2
remote <serverVPN-1> 8443 tcp-client
remote <serverVPN-2> 8443 tcp-client

Thanks



Added TAGs
[edited by: Erick Jan at 12:11 AM (GMT -8) on 14 Nov 2024]
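
Added example, not part of the original post and not Sophos code: a check that two exported .ovpn profiles carry the same inline CA, client certificate and key, which is the precondition for one profile listing both `remote` lines. It assumes the exports embed `<ca>`, `<cert>` and `<key>` blocks inline; the function names and sample profiles are constructed for illustration.

```python
import hashlib
import re

# <ca> verifies the gateway's certificate; <cert>/<key> are the client
# identity that the gateway must accept.
BLOCKS = ("ca", "cert", "key")

def inline_blocks(profile_text):
    """Return {block name: SHA-256 of its whitespace-normalised body}."""
    found = {}
    for name in BLOCKS:
        m = re.search(rf"<{name}>(.*?)</{name}>", profile_text, re.S)
        if m:
            body = "".join(m.group(1).split())
            found[name] = hashlib.sha256(body.encode()).hexdigest()
    return found

def remotes(profile_text):
    """Return (host, port, proto) for each 'remote' line, in file order."""
    out = []
    for line in profile_text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "remote":
            out.append(tuple(parts[1:4]))
    return out

def same_credentials(profile_a, profile_b):
    """Return (True, []) when every inline block matches, otherwise
    (False, [names of the blocks that differ])."""
    a, b = inline_blocks(profile_a), inline_blocks(profile_b)
    differing = [n for n in BLOCKS if a.get(n) != b.get(n)]
    return (not differing, differing)

def _sample(host, tag):
    # Constructed sample profile; the block bodies are labels, not real PEM.
    return (f"client\nremote {host} 8443 tcp-client\n"
            f"<ca>\nCONSTRUCTED-CA-{tag}\n</ca>\n"
            f"<cert>\nCONSTRUCTED-CERT-{tag}\n</cert>\n"
            f"<key>\nCONSTRUCTED-KEY-{tag}\n</key>\n")

VPN1 = _sample("vpn1.xyz", "A")
VPN2_SAME = _sample("vpn2.xyz", "A")    # second device reuses the same material
VPN2_OTHER = _sample("vpn2.xyz", "B")   # second device issued its own material

if __name__ == "__main__":
    for label, other in (("shared", VPN2_SAME), ("separate", VPN2_OTHER)):
        ok, diff = same_credentials(VPN1, other)
        print(label, "-> one profile usable:", ok, "differing:", diff)
        print("  remotes:", remotes(VPN1) + remotes(other))
```

Only the SHA-256 digests are compared, so the key material itself is never printed.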
  • Hi. Thanks.

    I tested this, but it doesn't work as expected.

    I defined 'gateway_order in_order' and I defined 'gateway' vpn1.xyz and vpn2.xyz
    *check_remote_availability true

    On the first attempt, Sophos Connect connected and downloaded the configuration, establishing the SSL VPN connection on the internet link of the vpn1 device. Then, when this vpn1 link went offline, the connection could no longer be established on the SSL server address of vpn1.

    Sophos Connect seems not to try to connect to vpn2 to download the other configuration.