16. March 2021
This article provides guidelines for configuring the Client to Site SSL VPN feature in conjunction with one-time password authentication, which provides enhanced security for users connecting to the core network.
For OTP authentication, we use the Sophos Authenticator app on mobile devices (both iOS and Android are supported).
Table of contents
- Creating a VPN user
- Enable OTP on Sophos XG
- Creating an SSL VPN connection for remote access
- Download and install the Sophos SSL VPN client
- Open the Sophos XG appliance web interface with an administrator account.
1. Creating a VPN user
- Go to CONFIGURE -> Select Authentication -> Select the Users tab -> Click on Add
- Enter your username
- Enter your password
- Per user type : Select user
- Enter your email address
- In the group: Select the default Sophos group or create a VPN group under the group and select from that group.
- In the surf quota: Select the amount of bandwidth the user can use.
- Access time : Select the time when you want to grant access to your users.
2. Enable OTP on Sophos XG
- Go to SETUP -> Choose Authentication -> Choose a one-time password -> Click Settings.
3. Creating an SSL VPN connection for remote access
- Go to SETUP -> Select VPN -> Select the SSL VPN (remote access) tab -> Click Add.
- Enter a name for the VPN
- Select the VPN user or group that you created earlier.
- In a resolved network resource (IPv4) : Select the networks to which you want to grant VPN users access.
- Click on Apply
- Click Show VPN Settings -> Select SSL VPN -> Override in Host Name : Enter the WAN IP address of the Sophos XG device you want to reach for the VPN.
4. Download and install the Sophos SSL VPN client
- Call up User Protal with the user account you created earlier.
- Download Sophos Authenticator to your mobile device and scan the QR code.
- After scanning the QR code, the Sophos XG device automatically identifies the authenticated user.
- Click on the OTP (Offset Time Synchronization) icon.
- We enter the password we received from the Sophos Authenticator software -> click Verify -> click Apply.
- Save page to log in again with username and password + authenticated password.
- Click on Download Client and Configuration for Windows to download the installation file and install it in the usual way.
- After the installation we can use the VPN with the username and password (password we get from the Sophos Authenticator application)
YOU MAY ALSO BE INTERESTED IN
sophos ssl vpn client configuration,sophos ssl vpn client not connecting,sophos ssl vpn client for android,sophos ssl vpn login,sophos ssl vpn client mac,sonicwall ssl vpn otp,Privacy settings,How Search works,sonicwall global vpn client two-factor authentication,sonicwall 2-factor authentication ssl vpn