On the SSL > Advanced tab you can configure various advanced server options ranging from the cryptographic settings, through compression settings, to debug settings.
Note – This tab is identical for Site-to-site VPN > SSL and Remote Access > SSL. Changes applied here always affect both SSL configurations.
These settings control the encryption parameters for all SSL VPN remote access clients:
Encryption algorithm: The encryption algorithm specifies the algorithm used for encrypting the data sent through the VPN tunnel. The following algorithms are supported, which are all in Cipher Block Chaining (CBC) mode:
Authentication algorithm: The authentication algorithm specifies the algorithm used for checking the integrity of the data sent through the VPN tunnel. Supported algorithms are:
Note –Sophos UTM does not support wildcard certificates and certificates signed by an intermedia CA in the SSL VPN.
Compress SSL VPN traffic: When enabled, all data sent through SSL VPN tunnels will be compressed prior to encryption.
Enable debug mode: When enabling debug mode, the SSL VPN log file will contain extended information useful for debugging purposes.
© 2019 Sophos Limited | Sophos UTM 9.600 |