Skip to content
Last update: 2022-05-25

Add a remote access SSL VPN policy

To add a remote access policy, do as follows:

  1. Go to Remote access VPN > SSL VPN and click Add.
  2. Enter a name.
  3. Select the policy members.Sophos Firewall allows access to the specified network resources for the preconfigured users and groups you select.

  4. Specify tunnel access settings.

    Option Description
    Use as default gateway Use this remote access policy as the default gateway. When on, all traffic, including external internet requests, is forwarded to a default gateway. When off, internal and external traffic is handled by different gateways.
    Permitted network resources Resources to which this policy permits access. If you want SSL VPN clients to be able to communicate, add the clients' network address, for example the default SSL VPN pool (


    You must configure the default gateway on the WAN interface.

  5. Specify the idle time-out settings.

    Option Description
    Disconnect idle clients Disconnects idle clients from the session after the specified time.
    Override global timeout Time, in seconds, after which the firewall disconnects idle clients.
  6. Click Apply.

Next step: Go to Administration > Device access and make sure you've selected the LAN and WAN zones for the user portal. Users can access the user portal from these zones.

Back to top