This chapter describes how to enable SSL remote access, configuring basic settings and access control.
Open the Remote Access > SSL > Global tab.
Enable SSL.
Enable SSL remote access by clicking the Enable button.
The toggle switch turns amber and the page becomes editable.
Make the following settings:
Select authorized users and assign access conditions.
Users and groups: Select the users and user groups that should be able to use SSL remote access (in this example: gforeman).
Local networks: Select the local networks that should be reachable to SSL clients (in this example: Internal (Network)).
Note – If you wish the SSL-connected users to be allowed to access the Internet, you need to select Any in the Local networks dialog box. Additionally, you need to define appropriate Masquerading or NAT rules.
Automatic firewall rules: If selected, once the VPN tunnel is successfully established, the firewall rules for the data traffic will automatically be added. After the connection is terminated, the firewall rules are removed. If unselected, you need to define the firewall rules manually (see below).
Click Apply to save your settings.
The toggle switch turns green. SSL remote access is active now.
Cross Reference – More detailed information on the configuration of a remote access and detailed explanations of the individual settings can be found in the UTM administration guide in chapter Remote Access.
| © 2019 Sophos Limited | Sophos UTM 9.600 |