Sophos Ideas / SG UTM

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

← SG UTM

VPN: Allow UTM to act as a VPN Client

Add a VPN Client support such as L2TP inside ASG so it can connect to a VPN solution without needing to setup Site2Site.

127 votes
Sign in Sign in with: Log in with your Sophos ID
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

jpvigneault shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

21 comments

Sign in Sign in with: Log in with your Sophos ID
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Guy Barwood commented  ·   ·  Flag as inappropriate

    There are many low VPN providers on the market that support a wide range of connection options however I have been unable to get the UTM to establish a connection to their service. All you need is to be able to create an interface based on a VPN client such as OpenVPN, connecting to either a single, or preferably a prioritised list of IP/DNS addresses authenticating with a username/password.

    Perhaps the comment below is accurate and such new 'features' won't ever be added to the UTM.

  • Ex-Sophos Client commented  ·   ·  Flag as inappropriate

    Sophos is a rebranding of astaro and they never had any part of its development. essentially they bought the rights and thats it.

    When it was still under astaro control, features were updated all the time, as they actuually had the programmers to implements requests, Sophos does not..they are just reselling the same software rebranded, and do not have the skill set to add code.

    Thus the core sophos utm is still the same from years ago.

    I ended up using a dd-wrt as a transparent bridge (ie. fwd ALL tarffic to Sophos), and configured it to use openvpn. Then just use the dd-wrt as the wan connection. Works like a charm....

    hence why features are requested over ad over, but never implemented. That becuase soh

    It's like walmart generic brands, Walmart does not actually produce any of their products directly, they re brand products already on the market.

  • Braedon King commented  ·   ·  Flag as inappropriate

    Add one for the PPTP/OpenVPN/L2TP client unbound from a physical interface like a modem, the same as any linux ordinary distro would do on the ppp0 interface.

    Useful for interfacing with dissimilar remote hardware that we have no control over, or in my case, where the client (UTM) is on mobile broadband, doesn't have a fixed IP, and is behind the ISP's NAT with a 10.0.0.0/16 address range.

  • AlexAgo commented  ·   ·  Flag as inappropriate

    I am trying UTM and I found very interesting but without OpenVpn/L2TP client support I don't be able to use for my needs.

    Please add them, thanks

  • Ophidian commented  ·   ·  Flag as inappropriate

    I think L2TP and OpenVPN client should both be supported. It's a simpler implementation than setting up ipsec tunnels everywhere. It's a VPN/firewall appliance: i would expect it's at least capable of this.

  • Faizy commented  ·   ·  Flag as inappropriate

    Is this feature still not supported? WOW. I love sophoso, have enjoyed it for last 6+ months but this is really disappointing. Someone out there must know how to implement this and allow the utm to act like vpn client, $50 wifi router can, why can't sophos?

  • Brendan Taylor commented  ·   ·  Flag as inappropriate

    UTM was looking great and I have enjoyed it a lot, however this just ruins that for me..

    Oh well, back to Mikrotik until this is supported.

    Ciao Sophos.

  • Cory commented  ·   ·  Flag as inappropriate

    Really need this! Just chose Sophos vs my long time Sonicwall and I really need this feature. I need the ability to connect to a VPN server as a CLIENT to route certain traffic. CANNOT believe Sophos does not have this when everyone else DOES.

  • Anonymous commented  ·   ·  Flag as inappropriate

    This item should be combined with "SSL VPN: Convert .ovpn to .apc/.epc for Site-to-Site SSL Tunnels", because they have the same objective. Combined, they would be the 5th highest requested item.

  • glovato commented  ·   ·  Flag as inappropriate

    Bob:
    this is not available as using that interface option requires a physical port which is senseless.
    I'd also like to see this implemented as sometimes having to mass implement pptp connections on the endstations is annoying and leaves me with no control over the traffic passed

  • Joshua B. commented  ·   ·  Flag as inappropriate

    Don't forget OpenVPN too!
    This feature entirely can be great for using an out-of-country VPN for your entire network. Especially for countries that block sites such as YouTube, without having to setup a VPN on each computer (unfortunately bypassing the UTM completely)

  • BarryG commented  ·   ·  Flag as inappropriate

    If implemented, I would like this to include an option to disable outgoing traffic if the VPN goes down, as well as an email notification.

  • jpvigneault commented  ·   ·  Flag as inappropriate

    Additionally the PPPoA client dosen't support any configuration and is currently set to not require-mppe-128, and there is no way to enable this in the gui.

  • jpvigneault commented  ·   ·  Flag as inappropriate

    Bob, this is right, except that the PPTP client need to be bounded to an interface. So it you want 5 different PPTP connection established you need to dedicate as many NIC.

    If Adding a VPN client was implemented the way I suggest it, you could create "virutal PPTP interface" without a network card attached, and be able to use it with the firewall etc.

  • Bob Alfson commented  ·   ·  Flag as inappropriate

    This already is available for PPTP. In 'Interfaces', select DSL (PPPoA/PPTP). Then make some Firewall rules, and you're done!

← Previous 1

SG UTM: VPN

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.