Hello Guys,
I am currently trying to setup two different IPsec VPNs.
The first one is to simply connect to our Network and the other one is to route all traffic threw the firewall, if you are in a cafe for example.
So far so good. They both work independently.
We use a Sophos SG230 (9.712-12) with UTM 9 on our Clients we have Sophos Connect (2.2.75.0506).
When i try to import the configuration file (*.tgb) into Sophos Connect, it only imports one Profile.
In the config file i can see both Profiles, why does it only import one of them?
Then i reached out to the support, they recommendet the use of a provisioning file.
Sounded pretty good and when i made one it wouldn't work, i get an error telling me "Unable to connect to policy gateway."
Then i asked if it is even possible with a UTM 9 firewall, never got an awnser.
So how do i get 2 VPN Profiles into my Sophos Connect without manually snipping the second profile and pasting it into another config file where it says Profile1 too?
If somebody needs more information feel free to ask and i'll provide them.
Hopefully we can find an awnser.
As i know, provisioning file is for Sophos XG/firewall only - not for SG/UTM.If you try to import two configurations with the same destination, the 2nd configuration will overwrite the first.2 definitions…
Hello Rico Stiekel,Thank you for reaching out to the community, you can refer the following KBAs below:1.) Sophos Connect: Command line interface (CLI) guide - https://support.sophos.com/support/s/article/KB-000038531?language=en_US2.) Deploy Sophos connect MSI using script via GPO - https://support.sophos.com/support/s/article/KB-000040793?language=en_US3.) Sophos Connect provisioning file - https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/VPN/RemoteAccessVPN/VPNSConProvisioningFile/index.html4.) Configure IPsec remote access VPN with Sophos Connect client - https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RemoteAccessVPN/HowToArticles/RAVPNIPsecSConClient/index.htmlAdditionally, you can Push to C:\Program Files (x86)\Sophos\Connect\import
Thanks & Regards,
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.
Do i have to configure something on my UTM 9 to make the provisioning file work?
I get an error ->
Rico Stiekel said:"Unable to connect to policy gateway."
The one i made wont work.
[ { "gateway": "<Public IP of our Firewall>", "user_portal_port": 443, "otp": false, "auto_connect_host": "<Internal IP of the Firewall>", "can_save_credentials": true, "check_remote_availability": false, "run_logon_script": false }]
There is a techvid in the provisioning kba shared above.
As i know, provisioning file is for Sophos XG/firewall only - not for SG/UTM.If you try to import two configurations with the same destination, the 2nd configuration will overwrite the first.2 definitions (user) for the same destination do not work.
Dirk
Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum PartnerSophos Solution Partner since 2003 If a post solves your question, click the 'Verify Answer' link at this post.
Thank you, that helps me a lot!
Thanks & Regards