
Restrict use of VPN configuration to business devices only

Hello,
does anyone have an idea how I can ensure that a VPN configuration is not transferred to a private device or that it cannot connect using it?
I want to use SSL VPN with the Sophos Connect client.



Added TAGs
[edited by: Raphael Alganes at 10:16 AM (GMT -8) on 8 Jan 2025]
  • Sophos Connect cannot control this. As we use OpenVPN, everybody could potentially download the ovpn file and reuse it on a 3rd party device. 

    The only way to do this right now is to use a solution like ZTNA. ZTNA will only be available for the admins, not the end user, as it is tied to the Sophos Central Installer. 

  • One solution to this issue is to use the heartbeat functionality of the endpoint protection. Surely they can get the config and reuse it on another device, and they will be able to connect to the SSL VPN, but they can't reach anything because the firewall rules require a green heartbeat. It is not perfect, but it should provide a similar effect.