Hi!
I have a Sophos SG135 Firewall with UTM 9.714-4, and i'm trying to move away from the l2tp/ipsec vpn.
I've configured the SSL VPN with AD user authentication and OTP, i've tried with both sophos connect and openvpn client, but only the openvpn client worked, the sophos connect give me a "non openvpn client detected" on the logs, and refuse to connect.
OpenVPN client seem available also for android/ios so i can cover also the access from those devices.
I've had a bit of throubles getting it right, as some documentations say that the configuration files can be downloaded from the user portal, but it's not here. I've found it in Definitions & Users -> Users & Groups -> Action menu.
If i'm not wrong, the steps for have the SSL vpn working are:
- Install the openvpn client (via AD GPO)
- The users have to enter in the user portal (with otp authenticator you need to add the otp code after the password, in the same field),when the user enter on the portal, a local user in created on the sophos, and it get a personal user certificate
- Now, the .ovpn connection file/files can be downloaded from the "action" menu, and sent to the users (the file generated have an handy csv file with the ad registered mail addresses, so that the deployment can somehow be automated). The user have only to click on the .ovpn file and is imported into the vpn software.
It give a bit of work for the IT, but can be managed, need some time to allow all the clients installed, all the users access on the user portal, etc.
There is a way to automate the procedure for sending the configuration file to the users as soon as a new user/certificate is created?
Thanks!
This thread was automatically locked due to age.
