One WAN, two LANs. How to?

Hi all,

We are using a SG115 and have quite a simple network structure.
We have one Internet connection and one LAN connection. The LAN Port is connected to a switch and behind that switch we have our servers with Active Directory and clients. Quite simple.

However, we now would like to add an additional internal network. This network should be completely separated and will also have its own AD structure and Users etc.

I am wondering how to properly set this up. Especially, would it be possible that both networks can use the SSL VPN Feature? How would I be able to access both Active Directory servers so I can define the Users and Groups who will be allowed to use the SSL VPN feature?

Any help would be greatly appreciated.
Thanks and Greetings Aktuator



Typo
[edited by: Aktuator at 2:11 PM (GMT -7) on 10 Jun 2021]
  • Hallo,

    The UTM will check multiple Active Directory servers in the order they're listed on the 'Server' tab in 'Authentication Services'.

    Just as you've done with the current users, you can import users from the new AD on the new network and define a new backend group based on an Active Directory Group in the new AD server.  Note that no username in the new AD may be identical to one in the existing AD.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thank you very much Bob!

    This was exactly the answer I was looking for.

    Thanks again!!

    Greetings Aktuator
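
The username-uniqueness caveat in the answer above can be checked before importing users from the second AD. The following is an added example, not part of the original thread: it compares two CSV exports of account names and lists the ones that would clash. The CSV layout, the `sAMAccountName` column name, the sample rows and the case-insensitive comparison are assumptions.

```python
import csv
import io

# Constructed sample exports (one account per row), standing in for a user
# export from each domain. Not data from the original thread.
EXISTING_AD_CSV = """sAMAccountName,displayName
jsmith,John Smith
m.mueller,Maria Mueller
svc_backup,Backup Service
Administrator,Administrator
"""

NEW_AD_CSV = """sAMAccountName,displayName
JSmith,Jane Smith
akhan,Aisha Khan
administrator,Administrator
svc-backup,Backup Service
"""


def load_usernames(csv_text, column="sAMAccountName"):
    """Return {case-folded name: original name} from a CSV export."""
    names = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        original = (row.get(column) or "").strip()
        if original:
            # AD treats sAMAccountName as case-insensitive, so compare folded
            # (assumption: the import matches names the same way).
            names[original.casefold()] = original
    return names


def find_collisions(existing_csv, new_csv):
    """Return sorted (existing_name, new_name) pairs that would clash."""
    existing = load_usernames(existing_csv)
    new = load_usernames(new_csv)
    return sorted((existing[k], new[k]) for k in existing.keys() & new.keys())


if __name__ == "__main__":
    for old_name, new_name in find_collisions(EXISTING_AD_CSV, NEW_AD_CSV):
        print(f"collision: existing AD '{old_name}' vs new AD '{new_name}'")
```

Any pair it reports needs one of the two accounts renamed before both directories are used for authentication.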