Add a bookmark

Specify the IP address of the endpoint device to which you want to allow access, the connection type, and the security settings.

  1. Go to Remote access VPN > Clientless SSL VPN policy. Under Bookmarks, click Add.
  2. Enter a name.
  3. Select a type (protocol).

    Option  Description
    RDP     Allows remote access to endpoint devices or servers using the Remote Desktop Protocol. Enter the IP address. Change the port, if required. Specify a username and password, if required. Select the Protocol security from the following options:

            • TLS: Establishes TLS-encrypted sessions.
            • NLA (Network Level Authentication): Requires user authentication before establishing an encrypted session. Enter the username and password for authentication.
            • RDP: Establishes encrypted sessions.

            We recommend establishing TLS or NLA-protected RDP sessions. Specify these settings on the endpoint device or server to which you want to allow access.

            Clientless access only works if your keyboard language is configured to US English regardless of its layout.
    Telnet  Allows access to the terminal of the endpoint device or server using telnet. Enter the IP address. Change the port, if required.
    SSH     Allows access to the terminal of the endpoint device using Secure Socket Shell. Enter the IP address. Change the port, if required.

            Specify a username, password, or private key, and a public host key, if required.
    FTP     Allows access to servers using the File Transfer Protocol. Enter the IP address. Change the port, if required.

            Specify a username and password, if required.
    FTPS    Allows secure (TLS and SSL) access to servers using the File Transfer Protocol.

            Enter the IP address. Change the port, if required.

            Specify a username, password, and public host key, if required.
    SFTP    Allows secure (SSH) access to servers using the Secure File Transfer Protocol.

            Enter the IP address. Change the port, if required.

            Specify a username, password or private key, and a public host key, if required.
    SMB     Allows access to servers using the Server Message Block file-sharing protocol. You can use this to access services, such as files, printers, and serial ports.

            Specify a username and password, if required.
    VNC     Allows remote access to Linux and UNIX hosts using Virtual Network Computing. You can use this for remote screen-sharing and control.

            Specify a password, if required.

    Note

    You can specify the service port configured on your endpoint device or server. Make sure you configure the firewall rules accordingly.

  4. Specify the settings.

    Option           Description
    Automatic login  Turn it on if you don't want users to enter their sign-in credentials. Sophos Firewall establishes sessions using the specified username, password or private key, and the public host key.
    Domain           Enter the domain to which you want to allow access.
    Share session    Turn it on to allow more than one connection to the same service.
  5. Click Save.
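
A review check for bookmarks created with this procedure, as an added example that is not Sophos code: it flags the settings this page advises against (RDP without TLS or NLA) along with cleartext types, missing host keys, and automatic login. The record layout, field names, severity labels and sample entries are assumptions made for illustration, not a Sophos export format.

```python
# Added example: audit clientless SSL VPN bookmark settings.
# The dict layout and severities are hypothetical, chosen for this example.
CLEARTEXT = {"Telnet", "FTP"}              # protocols with no transport encryption
HOST_KEY_TYPES = {"SSH", "SFTP", "FTPS"}   # types where the page offers a public host key

def audit_bookmark(b):
    """Return a list of (severity, message) findings for one bookmark dict."""
    findings = []
    kind = b["type"]
    if kind in CLEARTEXT:
        findings.append(("high", f"{kind} carries credentials and data unencrypted"))
    # The page recommends TLS or NLA over plain RDP protocol security.
    if kind == "RDP" and b.get("protocol_security") not in ("TLS", "NLA"):
        findings.append(("medium", "RDP protocol security is not TLS or NLA"))
    if kind in HOST_KEY_TYPES and not b.get("public_host_key"):
        findings.append(("medium", f"{kind} bookmark has no public host key set"))
    if b.get("automatic_login"):
        sev = "high" if kind in CLEARTEXT else "info"
        findings.append((sev, "automatic login: users of this bookmark "
                              "sign in with the stored credentials"))
    return findings

def audit(bookmarks):
    """Map bookmark name -> findings, omitting bookmarks with none."""
    report = {}
    for b in bookmarks:
        found = audit_bookmark(b)
        if found:
            report[b["name"]] = found
    return report

# Constructed sample inventory (documentation-range addresses, placeholder key).
SAMPLE = [
    {"name": "jump-rdp", "type": "RDP", "host": "192.0.2.10", "port": 3389,
     "protocol_security": "NLA"},
    {"name": "legacy-rdp", "type": "RDP", "host": "192.0.2.11", "port": 3389,
     "protocol_security": "RDP", "automatic_login": True},
    {"name": "switch-cli", "type": "Telnet", "host": "192.0.2.20", "port": 23},
    {"name": "files-sftp", "type": "SFTP", "host": "192.0.2.30", "port": 22,
     "public_host_key": "<constructed-host-key>"},
    {"name": "admin-ssh", "type": "SSH", "host": "192.0.2.31", "port": 22},
]

if __name__ == "__main__":
    for name, found in audit(SAMPLE).items():
        for sev, msg in found:
            print(f"{name}: [{sev}] {msg}")
```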