This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Use SSL VPN as gateway for clients

We have a few customers who have set up access for development machines / services by explicitly specifying our office IP. On its own - not a problem. However some employees work from home and here there's some trouble.

We also have an SSTP VPN and a new SSTP VPN connection on Windows will mark the newly created VPN as the default gateway - so we're not currently stuck because of this (users who need to use the office IP to connect to clients get explicit instructions on how to set that VPN up).

But I wanted to know: can something similar can be set up with Sophos and its SSL VPN?

This thread was automatically locked due to age.

Top Replies

JosefBergmann over 1 year ago +1 verified

Hi Mateusz, yes you can config the SSL VPN for the clients as default gateway in the Sophos UTM Firewall. Simple put "Any" in the "Local Networks".

+1 JosefBergmann over 1 year ago

Hi Mateusz,

yes you can config the SSL VPN for the clients as default gateway in the Sophos UTM Firewall. Simple put "Any" in the "Local Networks".

bye Josef

BERGMANN engineering & consulting GmbH, Wien/Austria
Cancel
Vote Up +1 Vote Down

Cancel
0 Mateusz Bender over 1 year ago in reply to JosefBergmann

Oooh, awesome! I had no idea this is how it works. Thanks!
Cancel
Vote Up 0 Vote Down

Cancel
0 JosefBergmann over 1 year ago in reply to Mateusz Bender

just to be said, some users suggested to put alternative "Internet IPv4" in "Local Networks".

bye Josef

BERGMANN engineering & consulting GmbH, Wien/Austria
Cancel
Vote Up 0 Vote Down

Cancel
0 Mateusz Bender over 1 year ago in reply to JosefBergmann

That's... actually what I did. ;) It's just that your response made me realize that this setting has broader implications than just a list of "which internal networks users can access" so that was the first thing I tried.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 1 year ago in reply to JosefBergmann

Hallo Josef,

I've seen too many unexpected consequences from using "Any" over the years, even some bugs. I prefer to include "Internet IPv4" along with the local LAN(s) the remote user should access.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel