(Optional) Create another IP Host using an IP Range that the VPN connection will use (default is 10.81.234.5 to 10.81.234.55). 172.16.16.0) and select the appropriate ‘Subnet’ (i.e. In the ‘IP Address’ field, enter your subnet address (i.e. ‘Local subnet’), select ‘IPv4’ for ‘IP Version’ and select ‘Network’ for ‘Type’. Open the ‘IP Host’ tab on the ‘Host and Services’ page and click ‘Add’. The remaining fields can be left to their default settings. Select ‘Open Group’ under the ‘Group’ drop down which is simply a default group Sophos XG created during setup that allows for unlimited access at all times. ‘User Type’ can be set as desired (leaving the default setting of ‘User’ will suffice). Fill out the ‘Username’, ‘Name’, ‘Password’ and ‘Email’ fields. Open the ‘Users’ tab on the ‘Authentication’ page and click ‘Add’. There is also an option to use a different hostname which will be explained later.Ģ. The reason for this is that when you download the VPN configuration file, it uses this hostname as the address your device will try to access. Open the ‘Admin Settings’ tab on the ‘Administration’ page and type in your FQDN or WAN IP address in the ‘Hostname’ field (ex: ) and click ‘Apply’. After about 3-5 minutes, try accessing or pinging your newly created FQDN.ġ. Select ‘Sophos’ as the ‘Service Provider’ and click ‘Save’. Select your WAN ‘interface’ (likely Port2) and choose ‘NATed Public IP’ next to ‘IPv4 Address’ and set the ‘IP Edit Checking Interval’ as desired (default value of ’20’ works fine).Ĥ. It must end with *. if using Sophos as your DDNS service provider (ex: ).ģ. Type in your desired FQDN in the ‘Hostname’ field. Open the ‘Dynamic DNS’ tab on the ‘Network’ page and click ‘Add’.Ģ.
There are free services available such as but Sophos also offers its own DDNS service for free.ġ. If you do not have a static WAN IP address, create a Fully Qualified Domain Name (FQDN) using a Dynamic DNS service. I’d recommend watching the video as it’s fairly short and following this guide. While the Sophos website has an official “SSL VPN Remote Access” How-To video, it’s missing some important steps.
in mind that this file is unencrypted on your harddisk! In case of using active directory authentication, you need to change this password after a password-change within your company.This guide will explain how to setup SSL VPN to access your home network (LAN). Write your username in the first line and your password in the second line. Create a new pass.txt in your config folder. Change “ auth-user-pass” to “ auth-user-pass pass.txt” and save the file. ovpnĬ:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe” –config_dir “C:\Program Files (x86)\Sophos\Sophos SSL VPN connect the client without typing in your username and password, you can edit your OVPN-file. “ openvpn-gui.exe” –config_dir “ ” –connect. Now go to your startup folder and create a shortcut for this path:
At Windows 10, go to your Taskmanager and deactivate this entry: First, you need to deactivate the automatic start of the openvpn-gui.exe. Today I want to show you how to auto-connect a VPN connection after the windows login.