Sophos ZTNA: Access Sophos Firewall Web Admin from ZTNA (Part 5: Sophos Cloud Gateway)

DisclaimerThis information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.


This Recommended Reads is Part 5 of the Series "Access the Sophos Firewall Web Admin from ZTNA.

Note: You will need the certificate we created in Part 1.


  • Sophos Central Admin privileges 
  • Sophos Firewall v19.5 MR3 or above
  • Certificate and Private key

Set up a Sophos Cloud gateway

Now, we’ll set up a Sophos Cloud gateway to control access to our network's resources.

In this series, we’ll configure our Sophos Firewall as the gateway.

Login to your central account and go to ZTNA > Gateways > Add Gateway

Gateway mode: Sophos Cloud

Name: ZTNA Noshutdown

Enter a meaningful way 


This would be the IP you’ll enter in your browser to access the ZTNA Portal. I recommend starting the name with ZTNA, followed by a dot, and then your domain. 


Pick your validated domain.

Platform type: Firewall

Identify Provider: Azure-IDP

Firewall: Pick your Firewall that will act as a Gateway

Region: Pick the region closer to you

Region: Pick the region closer to you

Upload Certificate: cert.pem

Select the Certificate we created in Part 1; in our case, we name it cert.pem

Upload Private Key: PrivateKey.pem

Select the Private Key we created in Part 1; in our case we name it PrivateKey.pem

Click Save

Once it is saved, you should see in a new entry under Gateways

That is it for creating the Gateway.

[edited by: emmosophos at 12:09 AM (GMT -8) on 2 Dec 2023]