Configure system settings

When you log in to Sophos Mobile Admin for the first time after installation, the First steps wizard assists you in configuring system settings.

You must provide the following:
  • The address of your HTTP proxy server (if applicable).
  • Your license key for Sophos Mobile.
  • Your SSL/TLS certificates.
  • The credentials for your SMTP server.
Note You can change all settings later under Setup > Sophos setup.
  1. On the HTTP proxy page, enter the address and port of a proxy server to be used for outbound HTTP and SSL/TLS connections.
  2. On the License page, enter your license key or request a trial license:
    • Standard license key: Enter your Mobile Standard license key and click Activate.
    • Advanced license key: Enter your Mobile Advanced license key and click Activate. You must enter a Mobile Standard license key first.
    • Request trial: Enter the email address you used to download the Sophos Mobile installer from the Sophos website.
  3. On the SSL/TLS page, configure the SSL/TLS certificates used for securing the connections between the Sophos Mobile server and the clients.
    1. Click Auto-discover certificate(s).

      In most cases the auto-discover function can discover the certificates currently in use.

    2. If the certificates are not discovered automatically, upload them manually: Click Upload a file and select the relevant CER or DER encoded certificate file.

    You can configure up to four certificates because, depending on your network architecture, different certificates may be in use for clients connecting from the internet or from your local intranet. The Sophos Mobile server will communicate the list of certificates to the clients. On establishing an SSL or TLS connection, the clients will only trust the server if the presented certificate is included in the list (“Certificate pinning”).

    Warning Update the certificate list when you have changed or renewed SSL certificates. At any given time, at least one valid certificate must be available. Otherwise the clients will not trust the server and will not connect to it.
  4. On the SMTP page, configure the SMTP server information and logon credentials. SMTP must be configured to enable emails to be sent to new users, providing them with logon credentials. It also needs to be configured to enable enrollment through email.
    OptionDescription
    SMTP host The SMTP server address.
    Connection port The server port to connect to.
    Note The displayed connection types (TLS, SSL, and unencrypted) only show standard port usages. See the documentation of the SMTP server for guidelines on which port to use.
    SMTP user If required by the SMTP server, enter the name of a user that is allowed to connect.
    SMTP password The password of the SMTP user.
    Email originator The email address that will appear in the From field of emails from Sophos Mobile.
    Originator name The author name that will appear in the From field.

    If required, you can configure a different originator name (but not email address) for each customer later on. See Configure Email.

    Send error emails Sophos Mobile will send error emails, for example when an APNs certificate expires.
    New email recipient Enter email addresses of the recipients that will receive error emails.
    Note Sophos Mobile does not support the OAUTH mechanism for SMTP authentication. Email providers that prefer OAUTH (like for example Google Gmail) might classify sign-in attempts from Sophos Mobile as insecure.
  5. After you’ve configured the SMTP information, click Send test email to verify the email configuration.
  6. Click Finish to complete the First steps wizard.