The HTML5 VPN Portal feature enables users from external networks to access internal resources via pre-configured connection types, using only a browser as a client, without installing plug-ins. To do so, users log in to the User Portal of Sophos UTM on AWS where on the HTML5 VPN Portal tab a list of all connections available to them is shown. Clicking on the Connect button initiates the connection to the defined internal resource. As an administrator, you have to generate these connections beforehand, specifying the allowed users, the connection type and other settings. Internal resources can be accessed using different connection types: either Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) to access remote desktops, a browser to use web applications (HTTP/HTTPS), or Telnet/Secure Shell (SSH) for terminal sessions. However, the HTML5 VPN Portal does not permit to download content, e.g. via HTTP, to the user's local computer.
Using this feature it is possible to give multiple users access to internal resources which do not support multi-user access themselves (e.g., network hardware like switches) or easily provide very granular access to just one specific service instead of giving access to entire systems or networks.
- Give access to telephone service company to maintain your telephone system.
- Give access to a specific internal website, e.g., intranet.
Important Note – With Safari browser on Mac OSX or iOS, users have to import the CA certificate of Sophos UTM on AWS first before they can use clientless access. The CA certificate can be downloaded from Sophos UTM on AWS under Remote Access > Certificate Management > Certificate Authority.
Note – Users' browser has to be HTML5-compliant. The following browsers support the HTML5 VPN feature: Firefox 6.0 onwards, Internet Explorer 10 onwards, Chrome, Safari 5 onwards (on MAC only).
Note – It is not possible to have multiple users with dedicated sessions.