SlideShare a Scribd company logo

Sophos XG FIREWALL SSL VPN Configuration

Download as DOCX, PDF
Naseem Khoodoruth, profile picture
Naseem Khoodoruth

The document provides a guide for configuring and using a Sophos XG firewall with SSL VPN and Single Sign-On (SSO) for remote work. It details steps for installing necessary agents on the primary domain controller, setting up VPN access, and enabling authentication through Active Directory. Additionally, it includes instructions for downloading and installing the SSL VPN client to securely connect to the office network.

Technology
1 of 12
Download to read offline
1
2
Most read
3
Most read
4
5
Most read
6
7
8
9
10
11
12
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 1 SOPHOS XG FIREWALL Contents SOPHOS XG FIREWALL .......................................................................................................................................... 1 Configure and enable Single Sign-on (SSO) ......................................................................................................... 2 Install Agent on Primary Domain Controller .................................................................................................... 2 Setup VPN on the XG Firewall................................................................................................................................ 7 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) ........................................................... 11
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 2 Configure and enable Single Sign-on (SSO) Install Agent on Primary Domain Controller Downloadandinstall STASonthe domaincontroller Port shouldbe openonAD: AD= XG UDP 6060, XG = AD UDP 6677, Agent= collectorTCP5566 Install the STASsuite onthe Primary DomainController
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 3 Specifythe networktomonitorandSTA collector Once configure testthe connectivitywiththe SophosAppliance,if youhave additional domaincontrollerdeploy STASagent andspecifycollectorthe primarydomaincontroller
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 4 Enable STASon the XG Firewall GO to authentication Addyou active directoryserver
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 5 Addthe serverfor authentication In Active directorycreate asecuritygroupandadd memberswhichwill be allow forSSLVPN Afterimportthe SSL VPN Users group to XG Firewall
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 6
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 7 Setup VPN on the XG Firewall For accessto VPN the VPN port and userportal mustbe openfromthe wan to downloadinstaller,configurationand access (inmyscenarioport444 and 8443 has beenopenonthe ISPRouter – PortForwarding) Configure SSLVPN(remote access) andin the Policymembersaddthe SSLVPN Usersgroup that needVPN Access
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 8 Enable the tunnel accessforyour office network Gatewaycan be turnoff if clientside will use theirWAN (example:theirmytathome) Setupthe VPN settings
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 9 Create the Firewall Rule
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 10 Allowaccesstouserportal andssl vpnfromWAN
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 11 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) Work outside the Office Securely Connectto the publicname and downloadyoursetup+ configurationfile Importantnote: each userhas to downloadtheirownsetupandconfigurationfile URL: https://example.dyndns.biz:444 Loginto the portal usingyourusername andpassword Go to SSL VPN and downloadclientandconfigurationforwindows
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 12 Afterdownload,proceedwithinstallationof the SSLVPN client(Install) Afterinstallation,lookforthe icon rightclickandconnect (Internetconnectionisrequired) Enter yourwindowsusername andpassword Once you are connect the iconwill change fromred to green - now you are connectedwiththe server (xxxx.LOCAL) As fromhere youcan browse or connectto your terminal server

More Related Content

PDF
Projet stage : Mise en place d'un système générique de sauvegarde et de rest...
Gedeon AGOTSI
 
PDF
VPN site-to-site.pdf
gorguindiaye
 
PDF
Mise en place d'une Plateforme de Supervision et de Détection d'Intrusion Sys...
Alaaeddine Tlich
 
PDF
Rapport de Projet de Fin de Parcours
Nadine hrira
 
PPTX
Mise en place d’une infrastructure cloud basée sur cloudstack
chammem
 
PDF
configuration vpn-ipsec-routeur
JULIOR MIKALA
 
PPTX
Splunk Phantom SOAR Roundtable
Splunk
 
PPTX
CA_Module_1.pptx
YazanSalileh
 
Projet stage : Mise en place d'un système générique de sauvegarde et de rest...
Gedeon AGOTSI
 
VPN site-to-site.pdf
gorguindiaye
 
Mise en place d'une Plateforme de Supervision et de Détection d'Intrusion Sys...
Alaaeddine Tlich
 
Rapport de Projet de Fin de Parcours
Nadine hrira
 
Mise en place d’une infrastructure cloud basée sur cloudstack
chammem
 
configuration vpn-ipsec-routeur
JULIOR MIKALA
 
Splunk Phantom SOAR Roundtable
Splunk
 
CA_Module_1.pptx
YazanSalileh
 

What's hot (20)

PDF
Mémoire L3
Jean Luc HERINIAINA
 
PDF
Rapport pfe isi_Big data Analytique
Yosra ADDALI
 
PDF
Authentification Forte 1
Sylvain Maret
 
PDF
Alphorm.com Formation Certification NSE4 : Fortinet Fortigate Security 6.x
Alphorm
 
PDF
PNETLab.pdf
RigobertoZarate4
 
PDF
Mise en place d’un système de détection
Manassé Achim kpaya
 
PDF
Secure Access – Anywhere by Prisma, PaloAlto
Prime Infoserv
 
PDF
Etude et mise en place d’une solution open source de gestion de la sécurité d...
Mohammed LAAZIZLI
 
PDF
PRÉSENTATION D’UN KIT SIEM DÉDIÉ AUX PMES
TelecomValley
 
PDF
Les Outils de la CSA (Cloud Security Alliance)
Yann Riviere CCSK, CISSP, CRISC, CISM
 
PPTX
Top 10 use cases for Microsoft Purview.pptx
Alistair Pugin
 
PDF
Mise En Place d'une Solution de Supervision Réseau
Yaya N'Tyeni Sanogo
 
PPTX
SOC and SIEM.pptx
SandeshUprety4
 
PDF
Implementation d'un portail captif cas de pfsense produit par bamba bamoussa
Bamoussa Bamba
 
PDF
55174240 rapport-cloud-computing
noussa krid
 
PDF
Rapport PFE ingénieur réseaux marwen SAADAOUI ( Juin 2018 )
Saadaoui Marwen
 
PPTX
Système de détection d'intrusion (Intrusion Detection System)
YousraChahinez
 
PDF
projet sur le vpn presentation
Manuel Cédric EBODE MBALLA
 
PDF
Étude et mise en place d'un serveur messengerie
iferis
 
PDF
Protocole IKE/IPsec
Thomas Moegli
 
Mémoire L3
Jean Luc HERINIAINA
 
Rapport pfe isi_Big data Analytique
Yosra ADDALI
 
Authentification Forte 1
Sylvain Maret
 
Alphorm.com Formation Certification NSE4 : Fortinet Fortigate Security 6.x
Alphorm
 
PNETLab.pdf
RigobertoZarate4
 
Mise en place d’un système de détection
Manassé Achim kpaya
 
Secure Access – Anywhere by Prisma, PaloAlto
Prime Infoserv
 
Etude et mise en place d’une solution open source de gestion de la sécurité d...
Mohammed LAAZIZLI
 
PRÉSENTATION D’UN KIT SIEM DÉDIÉ AUX PMES
TelecomValley
 
Les Outils de la CSA (Cloud Security Alliance)
Yann Riviere CCSK, CISSP, CRISC, CISM
 
Top 10 use cases for Microsoft Purview.pptx
Alistair Pugin
 
Mise En Place d'une Solution de Supervision Réseau
Yaya N'Tyeni Sanogo
 
SOC and SIEM.pptx
SandeshUprety4
 
Implementation d'un portail captif cas de pfsense produit par bamba bamoussa
Bamoussa Bamba
 
55174240 rapport-cloud-computing
noussa krid
 
Rapport PFE ingénieur réseaux marwen SAADAOUI ( Juin 2018 )
Saadaoui Marwen
 
Système de détection d'intrusion (Intrusion Detection System)
YousraChahinez
 
projet sur le vpn presentation
Manuel Cédric EBODE MBALLA
 
Étude et mise en place d'un serveur messengerie
iferis
 
Protocole IKE/IPsec
Thomas Moegli
 
Ad

Similar to Sophos XG FIREWALL SSL VPN Configuration (20)

PDF
Hosted security
Mari Hansen
 
PPTX
XO _Hosted Security Product Overview__v.21 (1)
Pasquale Tursi
 
PPT
12 Understanding V P Ns
AamirAziz
 
PDF
Ch8 - Implementing Virtual Private Networks
OhmRon
 
PPT
Acit Mumbai - understanding vpns
Sleek International
 
PPTX
PACE-IT: Networking Services and Applications (part 1) - N10 006
Pace IT at Edmonds Community College
 
PDF
Citirx Day 2013: Citrix Enterprise Mobility
Digicomp Academy AG
 
PDF
online-module-guide.pdf
ssusera1b6c7
 
PPT
Virtual private networks by darshana viduranga
Darshana Viduranga
 
PPTX
Meet XO Communications
MeetXO
 
PPTX
Meet XO Communications - 2011
XO Communications
 
PPTX
Meet XO
Tony Duncan
 
PDF
Vpn security agenda by cover our privacy
Eric Fedewa
 
PPT
V P N
bhathiji
 
PPT
CCNA Security - Chapter 8
Irsandi Hasan
 
PPT
Chapter 8 overview
ali raza
 
PDF
Sangfor SSL VPN Datasheet
Sangfor Technologies USA
 
PPTX
Meet XO Communications
XO Communications
 
PPTX
vpn
vimal0123
 
PPTX
ENSA_Module_8.pptx
SkyBlue659156
 
Hosted security
Mari Hansen
 
XO _Hosted Security Product Overview__v.21 (1)
Pasquale Tursi
 
12 Understanding V P Ns
AamirAziz
 
Ch8 - Implementing Virtual Private Networks
OhmRon
 
Acit Mumbai - understanding vpns
Sleek International
 
PACE-IT: Networking Services and Applications (part 1) - N10 006
Pace IT at Edmonds Community College
 
Citirx Day 2013: Citrix Enterprise Mobility
Digicomp Academy AG
 
online-module-guide.pdf
ssusera1b6c7
 
Virtual private networks by darshana viduranga
Darshana Viduranga
 
Meet XO Communications
MeetXO
 
Meet XO Communications - 2011
XO Communications
 
Meet XO
Tony Duncan
 
Vpn security agenda by cover our privacy
Eric Fedewa
 
V P N
bhathiji
 
CCNA Security - Chapter 8
Irsandi Hasan
 
Chapter 8 overview
ali raza
 
Sangfor SSL VPN Datasheet
Sangfor Technologies USA
 
Meet XO Communications
XO Communications
 
vpn
vimal0123
 
ENSA_Module_8.pptx
SkyBlue659156
 
Ad

More from Naseem Khoodoruth (15)

DOCX
Azure File Share and File Sync guide (Beginners Edition)
Naseem Khoodoruth
 
DOCX
How to install and use MS Teams for meeting and live events
Naseem Khoodoruth
 
DOCX
How to install and use microsoft teams for beginners
Naseem Khoodoruth
 
DOCX
Work from home under the lockdown
Naseem Khoodoruth
 
DOCX
Fortinet SSL VPN access
Naseem Khoodoruth
 
TXT
Powershell direct
Naseem Khoodoruth
 
DOCX
Exchange 2010/2013 Exchange Management Shell Command
Naseem Khoodoruth
 
TXT
Basic command for Time sync (Domain Controllers)
Naseem Khoodoruth
 
PDF
Implementation of Scom 2016
Naseem Khoodoruth
 
PDF
Sophos_XG_Firewall_Certified_Engineer v15.0
Naseem Khoodoruth
 
PDF
Backup Exec 15 VSEPlus
Naseem Khoodoruth
 
PDF
Backup Exec 15 VSE
Naseem Khoodoruth
 
PDF
CP250915V3.1EL14818
Naseem Khoodoruth
 
PDF
DSST0214WBTS - Dell Support Services training.PDF
Naseem Khoodoruth
 
PDF
MCSA Office 365
Naseem Khoodoruth
 
Azure File Share and File Sync guide (Beginners Edition)
Naseem Khoodoruth
 
How to install and use MS Teams for meeting and live events
Naseem Khoodoruth
 
How to install and use microsoft teams for beginners
Naseem Khoodoruth
 
Work from home under the lockdown
Naseem Khoodoruth
 
Fortinet SSL VPN access
Naseem Khoodoruth
 
Powershell direct
Naseem Khoodoruth
 
Exchange 2010/2013 Exchange Management Shell Command
Naseem Khoodoruth
 
Basic command for Time sync (Domain Controllers)
Naseem Khoodoruth
 
Implementation of Scom 2016
Naseem Khoodoruth
 
Sophos_XG_Firewall_Certified_Engineer v15.0
Naseem Khoodoruth
 
Backup Exec 15 VSEPlus
Naseem Khoodoruth
 
Backup Exec 15 VSE
Naseem Khoodoruth
 
CP250915V3.1EL14818
Naseem Khoodoruth
 
DSST0214WBTS - Dell Support Services training.PDF
Naseem Khoodoruth
 
MCSA Office 365
Naseem Khoodoruth
 

Recently uploaded (20)

PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Teaching material agriculture food technology
LiaRayya
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
A Presentation on Artificial Intelligence
memembruh336
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Approach and Philosophy of On baking technology
30anthuong17
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 

Sophos XG FIREWALL SSL VPN Configuration

  • 1. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 1 SOPHOS XG FIREWALL Contents SOPHOS XG FIREWALL .......................................................................................................................................... 1 Configure and enable Single Sign-on (SSO) ......................................................................................................... 2 Install Agent on Primary Domain Controller .................................................................................................... 2 Setup VPN on the XG Firewall................................................................................................................................ 7 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) ........................................................... 11
  • 2. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 2 Configure and enable Single Sign-on (SSO) Install Agent on Primary Domain Controller Downloadandinstall STASonthe domaincontroller Port shouldbe openonAD: AD= XG UDP 6060, XG = AD UDP 6677, Agent= collectorTCP5566 Install the STASsuite onthe Primary DomainController
  • 3. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 3 Specifythe networktomonitorandSTA collector Once configure testthe connectivitywiththe SophosAppliance,if youhave additional domaincontrollerdeploy STASagent andspecifycollectorthe primarydomaincontroller
  • 4. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 4 Enable STASon the XG Firewall GO to authentication Addyou active directoryserver
  • 5. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 5 Addthe serverfor authentication In Active directorycreate asecuritygroupandadd memberswhichwill be allow forSSLVPN Afterimportthe SSL VPN Users group to XG Firewall
  • 6. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 6
  • 7. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 7 Setup VPN on the XG Firewall For accessto VPN the VPN port and userportal mustbe openfromthe wan to downloadinstaller,configurationand access (inmyscenarioport444 and 8443 has beenopenonthe ISPRouter – PortForwarding) Configure SSLVPN(remote access) andin the Policymembersaddthe SSLVPN Usersgroup that needVPN Access
  • 8. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 8 Enable the tunnel accessforyour office network Gatewaycan be turnoff if clientside will use theirWAN (example:theirmytathome) Setupthe VPN settings
  • 9. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 9 Create the Firewall Rule
  • 10. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 10 Allowaccesstouserportal andssl vpnfromWAN
  • 11. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 11 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) Work outside the Office Securely Connectto the publicname and downloadyoursetup+ configurationfile Importantnote: each userhas to downloadtheirownsetupandconfigurationfile URL: https://example.dyndns.biz:444 Loginto the portal usingyourusername andpassword Go to SSL VPN and downloadclientandconfigurationforwindows
  • 12. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 12 Afterdownload,proceedwithinstallationof the SSLVPN client(Install) Afterinstallation,lookforthe icon rightclickandconnect (Internetconnectionisrequired) Enter yourwindowsusername andpassword Once you are connect the iconwill change fromred to green - now you are connectedwiththe server (xxxx.LOCAL) As fromhere youcan browse or connectto your terminal server