This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Migrating SSL VPN clients SG115 to XGS 136

Hi,

probably asked and answered many times, but I find it hard to search here, as all I get is some "tech vids" and ancient locked themes. So my situation:

Customer has SG-115 in production. Now they bought XGS-136. They have:

  • 40+ SSL VPN clients (on laptops + Smartphones) all over the country (remote workers)
  • some 50+ custom NAT rules both way (yes, also SNAT is restricted, ports to outside are opened as needed, not all)
  • 3 LAN segments VLAN Tagged

I can take time to manually configure VLANs and NAT rules, plus all remaining configuration. But VPN clients...ohhh, geez, to go again through those configurations of VPN clients on laptops and most of all, on iPhones and Androids....that was real challenge. Clients are all over the country, many abroad, they are used to do business, and some are stupid as duck in regards of using laptop or smartphone, so I spent more than 2 months to manage to install all of them some year ago. 

Is there any way to reliably migrate SSL VPN clients from SG-115 to XGS-136?



This thread was automatically locked due to age.
Parents
  • Ahoj Andrej,

    I don't see any possibility for a migration tool.  The simple fact is that the certificates will be different on the XGS, requiring re-installation of the clients.

    You will want to strongly consider moving to Sophos Connect instead of continuing with the Sophos SSL VPN client.  A secondary advantage would be the ability to distribute the new client while leaving the old one in place for the current UTM.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Ahoj Andrej,

    I don't see any possibility for a migration tool.  The simple fact is that the certificates will be different on the XGS, requiring re-installation of the clients.

    You will want to strongly consider moving to Sophos Connect instead of continuing with the Sophos SSL VPN client.  A secondary advantage would be the ability to distribute the new client while leaving the old one in place for the current UTM.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data