Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 4 subscribers
  • Views 5998 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM - VPN Always on

zeus1976

Hello,


I would like to install "VPN Always On" on the clients. Is there a solution for Sophos UTM? I have seen PaloAlto's solution and the client automatically creates the connection and detects whether you are in the internal or external network.

Best regards



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson

    Hi Bob.

    Thank you so much for your feedback. Ok, let me try again to sum it up.

    Objective: The clients should always be connected to the head office via VPN, no matter if you work from home or on the road. The employee should no longer have to log in, the client does this via certificate or the passwords are stored (not clear text) so that the client is constantly connected. In case of interruptions, the VPN must be automatically reestablished.

    Current situation:
    With the current SSL VPN or IPSec, the employee must always dial in.

    Question:
    1. is there such a client that it sees that one is constantly connected? (VPN Always on)
    2. which technology can be used to build such a scenario? (IPSec or SSL VPN)

    Thank you very much for your feedback - I hope I could summarize it so that it is clear.

    Best regards

  • 0 in reply to zeus1976

    Yes, with the OpenVPN client, the username and password are stored in a plain text file for auto-logon.  10 years ago, Sascha Paris copied info here about the three scripts that can be run by the client.  There's OpenVPN Client: Autorun and autoconnect with instructions on how to have the Windows Task Scheduler start the client at logon.   If there's an interruption to the connection, I don't know of a way to reconnect automatically - only manually, but that's just a right-click and two left-clicks of a mouse.  Someone with a talent for writing Windows batch files could probably make one that pings an internal device and reconnects when the ping isn't successful.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi

    Thanks for the feedback. This is exactly what is cool about the PaloAlto Client - it ensures that the client is always connected via VPN and can also distinguish whether it is in the internal network or on the road. On the other hand, it intervenes immediately if the Internet connection is interrupted and restores the VPN tunnel.

    Best regards

Unfiltered HTML