Introduction

This guide describes the steps to configure remote access to Sophos UTM using the Layer Two Tunneling Protocol (L2TP) over Internet Protocol Security (IPsec). L2TP over IPsec is a combination of the L2TP and IPsec standard protocols. L2TP over IPsec allows you, while providing the same functions as the Point-to-Point Tunneling Protocol (PPTP), to give individual hosts access to your network through an encrypted IPsec tunnel. The structure is described in the following chart. On Microsoft Windows systems, L2TP over IPsec is easy to set up, and requires no additional software on the endpoint device.

To configure and establish L2TP remote access connections, do as follows:

  1. Create a user or user group to use remote access.
  2. Configure the IPsecL2TPPPTPSSL remote access connection in Sophos UTM.
  3. Provide users with the Sophos Connect client and configuration files.

    There are two methods:

    • Turn on the Sophos UTM User Portal for the remote access users to download the installer and configuration files.

    • Send the installer and configuration file to users.

Users must do as follows:

  1. Install the Sophos Connect client on their endpoint devices.

  2. Import the configuration files into the client and establish the connection.

The User Portal offers the necessary keys and a configuration guide to the remote access user. You must provide users with their login credentials for the User Portal.