Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/sophos-firewall/21.0/Help/en-us/webhelp/onlinehelp/index.html?contextId=remote-access-VPN-clientless-bookmark-fileserver-access

Remote access to file servers

Add a bookmark to remotely access the file servers using FTP, FTPS, SFTP, or SMB protocols.

Add bookmarks for file servers

  1. Go to Remote access VPN > Clientless SSL VPN policy.
  2. Under Bookmarks, click Add.
  3. Enter a name.
  4. Under Type, select FTP, FTPS, SFTP, or SMB.

  1. Under URL, enter the server's static IP address or hostname.

    The firewall doesn't support dynamic IP addresses.

  2. Optional: Enter the service port configured on the endpoint or server if it differs from the default value.

  3. Optional: Turn on Automatic login and enter the server's username and password if you want the firewall to automatically establish sessions with these credentials.

    If you turn it off, users must enter the server's sign-in credentials.

  4. Optional: Under Init remote folder, enter the folder to which users require access.

You can allow secure SSL/TLS access to FTP servers.

  1. Under URL, enter the server's static IP address or hostname.

    The firewall doesn't support dynamic IP addresses.

  2. Optional: Enter the service port configured on the endpoint or server if it differs from the default value.

  3. Optional: Turn on Automatic login and enter the server's username and password if you want the firewall to automatically establish sessions with these credentials.

    If you turn it off, users must enter the server's sign-in credentials.

  4. Under Public host key, paste the server certificate in .pem format.

  5. Optional: Under Init remote folder, enter the folder to which users require access.

You can allow secure access to FTP servers through SFTP. It uses the SSH protocol.

  1. Under URL, enter the server's static IP address or hostname.

    The firewall doesn't support dynamic IP addresses.

  2. Optional: Enter the service port configured on the endpoint or server if it differs from the default value.

  3. Enter a username from the server's credentials.

  4. Under Authentication method, select an option:

    • Password: Enter the server's password.
    • Private key: Generate a public-private key pair using an application, such as PuTTYgen, and enter the private key.

    The firewall automatically authenticates users based on the password or private key you specify. It doesn't require users to enter the server's password.

  5. Under Public host key, paste the server certificate in .pem format.

  6. Optional: Under Init remote folder, enter the folder to which users require access.

You can allow access to file servers using the Server Message Block (SMB) file-sharing protocol.

  1. Under URL, enter the server's static IP address or hostname.

    The firewall doesn't support dynamic IP addresses.

  2. Optional: Enter the service port configured on the endpoint or server if it differs from the default value.

  3. Optional: Turn on Automatic login and enter the server's username and password if you want the firewall to automatically establish sessions with these credentials.

    If you turn it off, users must enter the server's sign-in credentials.

  4. Optional: Enter the Windows network domain to which the user account and the endpoint belong.

    Here's an example of the format: test or test.example or test.example.com

  5. Optional: Under Init remote folder, enter the folder to which users require access.

Add to clientless SSL VPN policy

Add the bookmark to a clientless SSL VPN policy. See Add a clientless SSL VPN policy.

File servers' connection options

Users can access the bookmarks through the VPN portal. To establish the connection, they must click the bookmark. See Clientless access connections.

To stop a session, upload a file, create a new folder, or go to the parent folder in FTP, FTPS, and SFTP sessions, users must click a button in the upper-right corner.

FTP options.

Note

When users download files from the destination server, it's done without a prompt. Files are downloaded to the default folder, such as Downloads, on users' endpoints.

More resources