IPsec and SSL VPN overview
You can establish remote access IPsec and SSL VPN connections using the Sophos Connect client.
To enforce the advanced security settings and have greater flexibility in configuration, use the Sophos Connect client.
IPsec and SSL VPN connections
To configure the connections, you must do as follows:
IPsec: Go to Remote access VPN > IPsec and configure the settings.
SSL VPN: Configure the following settings and policies:
- Remote access VPN > SSL VPN > SSL VPN global settings.
- Remote access VPN > SSL VPN.
Sophos Connect client
To download the Sophos Connect client, do as follows:
Administrators: Go to Remote access VPN > IPsec or SSL VPN and click Download client.
Users: On the user portal, users can download the client from VPN > Sophos Connect client.
For more information about the Sophos Connect client and configurations users can download, see VPN clients and configuration files on the user portal.
Provisioning file versus configuration files
You can use a single provisioning file to automatically import remote access IPsec and SSL VPN connections and their updates. Alternatively, you can use the corresponding configuration files for these connection types. You'll need to import the configuration files each time you make changes.
Note
We recommend using the provisioning file. It doesn't require you to share the .scx
file or for users to download the .ovpn
file from the user portal when you update the remote access policies and settings.
See Automatic provisioning, configuration files, and clients.