Getting a Preshared Key or Certificate

The UTM User Portal is available to all remote access users. From this portal, you can download guides and tools for the configuration of your client. You should get the following user credentials for the User Portal from your system administrator: IP address, username, and password.

Especially for the L2TP remote access with authentication based on Preshared key, the User Portal offers the shared secret. For authentication with X.509 certificate, the User Portal offers the necessary certificate.

  1. Start your browser and open the User Portal.

    Start your browser and enter the management address of the User Portal as follows: https://IP address (example:

    A security note will be displayed.

    Accept the security note. Depending on the browser, click I Understand the Risks > Add Exception > Confirm Security Exception (Mozilla Firefox), or Proceed Anyway (Google Chrome), or Continue to this website (Microsoft Internet Explorer).

  2. Log in to the User Portal.

    Enter your credentials:

    Username: Your username, which you received from the administrator.

    Password: Your password, which you received from the administrator. Please note that passwords are case-sensitive.

    Click Login.

  3. On the Remote Access page, download the tools and/or configuration guide for setting up your remote access connection.

    This page can contain up to five sections, depending on the remote access connection types (IPsec, SSL, L2TP, PPTP, iOS devices) your administrator enabled for you.

    At the top of most of the sections you find a help icon which opens the respective remote access guide.

The available data depends on the authentication mode configured by the administrator. With preshared key, click the Display button to see the preshared key. Otherwise, a certificate is available. In the Export password field, enter a password to secure the PKCS#12 container before downloading the certificate. Note that you will need the security password of the certificate later on.

  1. Close the User Portal session by clicking Log out.

The rest of the configuration takes place on the remote user client. This step will require the IP address or hostname of the server, which should be supplied by the system administrator.

© 2019 Sophos Limited Sophos UTM 9.600