Sophos UTM: Useful links for configuring VPN Remote Access

Hi Community,

Some of you may be setting up VPN remote access on the Sophos UTM for the first time. So we wanted ensure that everyone was aware of the great support content available to reference.

Sophos UTM v9.6 - Administration Guide: Remote Access (pg.465)

Sophos UTM v9: Remote Access via SSL and VPN - Configuration Guides

Sophos UTM v9: Remote Access via IPsec - Configuration Guides

 

Regards,

Parents
  • Good idea, Flo!

    Another issue to consider for Remote Access is bandwidth.  If your Down/Up is 200/25, you might want to change to 100/100 for the duration of Social Distancing requiring everyone to work from home where possible.

    With the new Sophos Connect IPsec client, everyone should consider that as one of two first choices.

    Most of my clients are configured with the SSL VPN using UDP (port 1443 is my preference) instead of TCP in order to remove the overhead of TCP with so many remote users.  Also, turn off compression if you find that too many users overload the UTM's CPU.

    The Sophos Connect client is well documented with KnowledgeBase articles.  Although they're aimed at the XG, the concepts are the same.

    I got the IPsec client off my lab XG, but there must be a way to download it from the Sophos site - anybody?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Good idea, Flo!

    Another issue to consider for Remote Access is bandwidth.  If your Down/Up is 200/25, you might want to change to 100/100 for the duration of Social Distancing requiring everyone to work from home where possible.

    With the new Sophos Connect IPsec client, everyone should consider that as one of two first choices.

    Most of my clients are configured with the SSL VPN using UDP (port 1443 is my preference) instead of TCP in order to remove the overhead of TCP with so many remote users.  Also, turn off compression if you find that too many users overload the UTM's CPU.

    The Sophos Connect client is well documented with KnowledgeBase articles.  Although they're aimed at the XG, the concepts are the same.

    I got the IPsec client off my lab XG, but there must be a way to download it from the Sophos site - anybody?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children