Hi,
anybody got a site-to-site OpenVPN connection working with the UTM? I copied the certificates from the APC file using Notepad++, but this didn't seem to work.
Louis
Hi Louis-M
Have you followed these articles: Sophos UTM: How to configure a Site to Site SSL VPN tunnel & UTM: SSL Site to Site VPN Troubleshooting? You don't need to import a certificate additionally apart from importing the config file.
Regards
Jaydeep
I've got it working now. It wasn't as simple as a UTM to UTM. This is a UTM to OpenVPN site-to-site (not remote access).
I basically had to:
1. Use UTM as server
2. Download apc file and extract the certs (CA, Cert & Key)
3. Extract the username/password from above file (this is the bit I was stuck at)
4. Use remote server as SSL client and enter above details/certs
I connected a Teltonika RUTX11 using the UTM as the server side (fixed IP) and the RUTX11 as the client side (dynamic IP).
This is configured as a site-to-site SSL VPN on the UTM (not Remote Access).
Certs (CA & Cert + Key) were extracted using Notepad++ from the downloaded APC file on the UTM.
Username/password was also extracted from this file.
The RUTX11 client side used TLS + username/password.
Works very well so far.
The system above is a Linux-based system (as with most), so I imagine anything that has an OpenVPN client on it will work. The trick was to extract the correct details from the APC file and also use TLS + password authentication on the client side. I'm not sure why Sophos make the site-to-site a little bit harder to configure if it's not another UTM?
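The client side described in the post above, written as a plain OpenVPN client profile. This is an added example, not the poster's configuration: the host name, port, protocol and file paths are placeholders, and the cipher settings are left commented out because the page does not state them.

```conf
# OpenVPN client profile for the non-UTM end of the tunnel (added example).
# Every value marked "placeholder" is an assumption; take the real one from
# the UTM's SSL VPN settings and from the downloaded APC file.

client
dev tun
proto tcp                       # placeholder: must match the UTM's SSL VPN protocol
remote utm.example.net 443      # placeholder host and port of the UTM (fixed IP side)
nobind
persist-key
persist-tun
resolv-retry infinite           # the client has a dynamic IP, so keep retrying

# Material extracted from the APC file, saved as separate PEM files.
# Each file must contain the complete -----BEGIN ...----- / -----END ...-----
# block with no extra characters added by the text editor.
ca   /etc/openvpn/utm/ca.crt        # placeholder path
cert /etc/openvpn/utm/client.crt    # placeholder path
key  /etc/openvpn/utm/client.key    # placeholder path, keep readable by root only

# TLS + username/password: certificate authentication plus the credentials
# taken from the APC file. The file holds two lines: username, then password.
auth-user-pass /etc/openvpn/utm/auth.txt   # placeholder path, chmod 600
auth-nocache                               # do not keep the password in memory

# Reject a peer whose certificate is not marked for TLS server use.
remote-cert-tls server

# cipher <placeholder: encryption algorithm configured on the UTM>
# auth   <placeholder: authentication algorithm configured on the UTM>

verb 3
```

The private key and the credentials file are the sensitive parts of what comes out of the APC file, so the APC download and any editor copies of it should be removed once the profile works.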