L2tp Sophos Xg



STEP 1: CONFIGURING UTM …

  1. Defining a user account
    • Open Definitions & Users > Users & Groups > Users
    • Click “New User” button
    • Make the following setting:
      • Username, Real name, Email address
      • Authentication: For Remote Access PPTP, the “local” and “RADIUS” authentication methods are supported. With the “local” authentication method, you enter two fields: Password and Repeat
    • Click “Save”
  2. Configuring L2TP over IPsec settings
    • Open Remote Access > L2TP Over IPsec > Global tab
    • Enable L2TP
    • Make the following settings:
      • Interface: Select the network interface to use for L2TP access.
      • Authentication mode: Select the authentication mode (Preshared key or X.509 CA Check)
        • Preshared key: Enter the shared secret. This is a secure phrase or password that is used to set up the secure tunnel.
        • X.509 CA Check: Certificate: Select the local X.509 certificate to authenticate the server.
      • Assign IP addresses by: Select IP address pool or DHCP Server
        • IP address pool: default IP address 10.242.1.x/24, Network is called VPN Pool (PPTP). D
        • DHCP server (DHCP server Via interface)
      • Authentication via: Select the authentication method, “local” or “RADIUS”
      • Users and groups: When using local authentication, select the users or groups that should be able to use PPTP remote access.
    • Click Apply to save your settings
  3. Configuring Advanced L2TP over IPsec settings
    • Open Remote Access > L2TP over IPsec > Debug tab
    • IKE Debugging
      • Control Flow: Displays control messages of IKE state
      • Outbound Packets: Displays content of outgoing IKE messages
      • Inbound Packets: Displays content of incoming IKE messages
      • Kernel Messaging: Displays communication messages with the Kernel
      • High Availability: Displays communication with other HA nodes
    • Click Apply to save your settings
    • Optionally, enable debug mode => click Apply
  4. Defining Firewall Rules
    • Open Network Protection > Firewall > Rules tab
    • Click the “New Rule” button
    • Make the following settings:
      • Sources: Add the remote host or user
      • Services: Add the allowed services
      • Destinations: Add the allowed networks
      • Action: Select Allow
    • Click Save
    • Enable the rule: click the status icon => the status icon turns green
  5. Defining Masquerading Rules
    • Open Network Protection > NAT > Masquerading tab
    • Click New Masquerading Rule button
Overview: In this guide, we will learn how to configure the L2TP VPN in Sophos XG Firewall. A little intro about what L2TP VPN is: compared to Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP) is a more popular VPN protocol category. CONFIGURING REMOTE ACCESS L2TP over IPsec SOPHOS UTM AND CLIENT. April 5, 2015, Joe Techbast, Firewall, Security. Visio Stencils for XG Firewalls and Modules update. Sophos Central provides powerful centralized management, reporting, and zero-touch deployment for all your XG Firewalls and other Sophos products from a single console. Sophos Central is the ultimate cloud-management platform for all your Sophos products. It makes day-to-day setup, management, and reporting for all your XG Firewalls easy. Follow the steps below to configure the iPad to connect to your Sophos XG using an L2TP VPN. Click the main menu of the iPad and go to Settings > General > Network. Click VPN > Add VPN Configuration, select L2TP, and complete the following fields.

    • Make the following settings:
      • Network: Select network of the remote endpoint.
      • Interface: Select interface.
      • Use address: If the interface you selected has more than one IP address assigned, you can define here which IP address is to be used for masquerading
    • Click Save
    • Enable rule
    • Optionally, activate the proxies

STEP 2: CONFIGURING REMOTE CLIENT

  1. Start your browser and open the User Portal => log in to the User Portal => go to the Remote Access tab => view the L2TP over IPsec information (you can review the “preshared key”).
  2. Configuring Windows Client
    • Click Start => Control Panel
    • In the Control Panel, click Network and Internet => Network and Sharing Center => Set up a new connection or network
    • Define the dial-up Internet connection


    • Click Next
    • Enter the hostname or the IP address of the gateway => Allow other people to use this connection
    • Click Next
    • Click Create
    • Right-click the new connection and select Properties => Security => make the settings match the following picture:
    • Click OK
    • Open Network => enter username and password => Connected
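
The Windows client steps above can also be scripted and then checked. The following is an added example, not part of the original guide: the connection name and gateway are placeholders, and MS-CHAPv2 with required encryption is an assumption, because the Security tab picture is not available on this page.

```powershell
# Added example. Run in an elevated PowerShell session (all-user connections need admin).
$Name    = 'UTM-L2TP'          # hypothetical connection name
$Gateway = 'vpn.example.com'   # placeholder: hostname or IP address of the gateway

# Read the preshared key shown in the User Portal without echoing it to the console.
$secure = Read-Host -Prompt 'Preshared key' -AsSecureString
$psk    = [System.Net.NetworkCredential]::new('', $secure).Password

# Create the connection only if it is missing. AllUserConnection corresponds to
# "Allow other people to use this connection" in the wizard.
if (-not (Get-VpnConnection -Name $Name -AllUserConnection -ErrorAction SilentlyContinue)) {
    $params = @{
        Name                 = $Name
        ServerAddress        = $Gateway
        TunnelType           = 'L2tp'
        L2tpPsk              = $psk
        AuthenticationMethod = 'MSChapv2'   # assumption, see lead-in
        EncryptionLevel      = 'Required'   # assumption, see lead-in
        AllUserConnection    = $true
        Force                = $true        # suppress the preshared-key confirmation prompt
    }
    Add-VpnConnection @params
}
Remove-Variable psk   # do not keep the plaintext key in the session

# Audit the stored profile so a weak setting is caught before first use.
$c = Get-VpnConnection -Name $Name -AllUserConnection
$problems = @()
if ($c.TunnelType -ne 'L2tp')      { $problems += "TunnelType is $($c.TunnelType), expected L2tp" }
if ($c.L2tpIPsecAuth -ne 'Psk')    { $problems += "IPsec auth is $($c.L2tpIPsecAuth), expected Psk" }
if ($c.EncryptionLevel -notin 'Required', 'Maximum') {
    $problems += "EncryptionLevel is $($c.EncryptionLevel); the tunnel may fall back to no encryption"
}
if ($c.AuthenticationMethod -contains 'Pap') {
    $problems += 'PAP is enabled; the password would be sent unprotected inside the tunnel'
}

if ($problems) { $problems | ForEach-Object { Write-Warning $_ } }
else           { Write-Output "Profile '$Name' matches the expected L2TP/IPsec settings." }
```

If the UTM is set to X.509 CA Check instead of Preshared key, the profile is certificate-based and the `L2tpPsk` entry and the `Psk` check above do not apply.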


Done. Thanks for watching!