SSL VPN
You can establish remote access SSL VPN connections between your endpoint and your organization's network.
You must download the Sophos Connect or Tunnelblick client, the SSL VPN configuration, and import the configuration.
Supported endpoints
You can use the Sophos Connect client to configure the connection on the following endpoints:
- Windows 10 and 11 devices
You can't use the Sophos Connect client to configure the connection on the following endpoints:
- macOS devices
- Linux devices
- Mobile devices
You can use the Tunnelblick client for macOS devices and the OpenVPN client for mobile devices.
You can establish remote access SSL VPN connections between your Windows device and your organization's network.
Download the Sophos Connect client
- Sign in to the VPN portal.
- Go to VPN.
-
Under Sophos Connect client, click Download for Windows.
-
Click the downloaded file to install the Sophos Connect client on your device.
You can see the client on your desktop.
-
Double-click the client.
You can then see it in the tray in the lower-right corner for Windows and the upper-right corner for macOS devices.
Download the configuration file
-
On the VPN portal, under VPN configuration, click Download configuration for Windows, macOS, Linux for one of the following options:
- Use with Sophos Connect and OpenVPN Connect v2 clients: Supports the Sophos Connect client and OpenVPN Connect 2.0 clients.
- Use with OpenVPN Connect v3 clients: Supports the OpenVPN Connect 3.0 clients.
You'll download the
.ovpn
configuration file.Note
You can see the SSL VPN configuration files for download only if your administrator has configured a remote access SSL VPN policy for you.
Import the configuration file to the client
-
Click the Sophos Connect client on your endpoint and click Import connection.
-
Select the
.ovpn
configuration file you've downloaded.Here's an example of an imported connection:
-
Click Connect to sign in.
-
Enter your VPN portal username and password.
-
Enter the verification code if your organization requires two-factor authentication.
- Click Sign in.
This establishes the remote access SSL VPN connection. Future connections are established automatically.
You can establish remote access SSL VPN connections between your macOS device and your organization's network using the Tunnelblick client.
Note
Tunnelblick isn't a Sophos product. For details and support, see Tunnelblick website.
Download the Tunnelblick client
- Go to Tunnelblick downloads.
-
Download the stable version of the Tunnelblick client.
-
Open the downloaded file and install the Tunnelblick client.
-
Select Check for updates and Check for IP address changes, and click Continue.
-
Click Quit on the next window.
Download the configuration file
-
In the VPN portal, under VPN configuration, click Download configuration for Windows, macOS, Linux.
This downloads the
.ovpn
file.Note
You can see the SSL VPN configuration files for download only if your administrator has configured a remote access SSL VPN policy for you.
Import the configuration file to the client
You can import the configuration file in two ways.
- Double-click the
.ovpn
configuration file. - In the pop-up window Install configuration for all users, click Only me and enter your macOS password.
- Click OK on the warning pop-up.
Establish the connection
-
Click the Tunnelblick icon on the menu bar and click the imported configuration.
-
Enter your VPN portal username and password.
- Enter the verification code if your organization requires two-factor authentication.
- Click OK.
This establishes the remote access SSL VPN connection. Future connections are established automatically.
You can establish remote access SSL VPN connections between your Linux device and your organization's network.
Download the configuration file
-
On the VPN portal, under VPN configuration, click Download configuration for Windows, macOS, Linux.
This downloads the
.ovpn
file.Note
You can see the SSL VPN configuration files for download only if your administrator has configured a remote access SSL VPN policy for you.
Establish the connection
- Open the terminal.
-
Type the command
sudo openvpn --config
and drag the.ovpn
configuration file to the terminal window.Alternatively, you can type the exact file path after the command.
-
Press Enter.
- Enter your Linux device password.
- Enter your VPN portal username and password.
- Enter the verification code if your organization requires two-factor authentication.
This establishes the remote access SSL VPN connection.
Note
Closing the terminal window disconnects the tunnel.
Tip
If tunnels that had connected earlier don't connect later, download the .ovpn
configuration file again from the VPN portal, and import it to the Sophos Connect client.
You must do this if your administrator has made configuration changes.