Hi,
Are there any recent guides on setting up a Sophos UTM and OpenVPN access server?
The below PDF is a bit long in the tooth; hopefully the ports stipulated are still relevant:
https://openvpn.net/images/pdf/OpenVPN_Access_Server_Sysadmin_Guide_Rev.pdf
I would imagine HTTPS (port 443) traffic is passed onto the OpenVPN access server and it will need to "host" the certificate?
Any guides/details will be much appreciated.
A date constrained search for:
"sophos utm" "openvpn access server"
didn't turn up much.
John
Hello John,
Why don't you use the Sophos UTM as VPN-Server?
It is OpenVPN based as well and you will only have to manage one system at one place.
UTM - 9.711 | Intel Xeon 4-core v3 1225 3.20Ghz 16GB Memory | 500GB SATA HDD | GB Ethernet x5
Amodin,
I understood he wants to put an OpenVPN access Server behind his Sophos UTM.
With kind regards, best regards from Germany,
Philipp Rusch
New Vision GmbH, Germany
Sophos Silver-Partner
Thanks for the answers!
Looking into OpenVPN as a viable VPN for the following reasons:
Software/client maturity, plus having Windows, Mac and Linux clients.
My workstation is running Linux so this is a big plus.
Are the 'Remote Access' > 'SSL' settings only for the 'Sophos Connect' rig?
Having a dig through the manual now:
sophos.my.salesforce.com/.../
thanks
UTM Downloads | Sophos
OpenVPN Connect app for iOS
Sophos SSL-VPN is OpenVPN based, as already said. You can use any OpenVPN-Client.
Forgot to add 'OpenVPN access server' is "proprietary" software and won't be available within the Sophos UTM.
Ok, John, we know that,
But how can we help you? What is your route you want to go?
From my POV, you don't really "need" another VPN server, when using the UTM. Not technically, not comfortwise and not at all.
OK, I still don't get you. You like your idea, that's ok for me.
But: there is no such guide.
You simply need two DNAT rules, one forwarding UDP 1194 to your internal OpenVPN Access Server, then another one to forward TCP 443 to your internal OpenVPN Access Server. That's it. I don't know what is meant by running "direct" on port 943, but this can use 443 as well (see your table above).
You should change the port Sophos Userportal is running on to something different than 443, if you need to use that from remote.