SlideShare a Scribd company logo

Sophos XG FIREWALL SSL VPN Configuration

Download as DOCX, PDF
Naseem Khoodoruth
Naseem Khoodoruth

Work from Home using SSL VPN via SOPHOS XG Firewall and using Active Directoy for Single-On guided step by step

Technology
1 of 12
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 1 SOPHOS XG FIREWALL Contents SOPHOS XG FIREWALL .......................................................................................................................................... 1 Configure and enable Single Sign-on (SSO) ......................................................................................................... 2 Install Agent on Primary Domain Controller .................................................................................................... 2 Setup VPN on the XG Firewall................................................................................................................................ 7 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) ........................................................... 11
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 2 Configure and enable Single Sign-on (SSO) Install Agent on Primary Domain Controller Downloadandinstall STASonthe domaincontroller Port shouldbe openonAD: AD= XG UDP 6060, XG = AD UDP 6677, Agent= collectorTCP5566 Install the STASsuite onthe Primary DomainController
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 3 Specifythe networktomonitorandSTA collector Once configure testthe connectivitywiththe SophosAppliance,if youhave additional domaincontrollerdeploy STASagent andspecifycollectorthe primarydomaincontroller
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 4 Enable STASon the XG Firewall GO to authentication Addyou active directoryserver
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 5 Addthe serverfor authentication In Active directorycreate asecuritygroupandadd memberswhichwill be allow forSSLVPN Afterimportthe SSL VPN Users group to XG Firewall
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 6
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 7 Setup VPN on the XG Firewall For accessto VPN the VPN port and userportal mustbe openfromthe wan to downloadinstaller,configurationand access (inmyscenarioport444 and 8443 has beenopenonthe ISPRouter – PortForwarding) Configure SSLVPN(remote access) andin the Policymembersaddthe SSLVPN Usersgroup that needVPN Access
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 8 Enable the tunnel accessforyour office network Gatewaycan be turnoff if clientside will use theirWAN (example:theirmytathome) Setupthe VPN settings
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 9 Create the Firewall Rule
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 10 Allowaccesstouserportal andssl vpnfromWAN
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 11 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) Work outside the Office Securely Connectto the publicname and downloadyoursetup+ configurationfile Importantnote: each userhas to downloadtheirownsetupandconfigurationfile URL: https://example.dyndns.biz:444 Loginto the portal usingyourusername andpassword Go to SSL VPN and downloadclientandconfigurationforwindows
WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 12 Afterdownload,proceedwithinstallationof the SSLVPN client(Install) Afterinstallation,lookforthe icon rightclickandconnect (Internetconnectionisrequired) Enter yourwindowsusername andpassword Once you are connect the iconwill change fromred to green - now you are connectedwiththe server (xxxx.LOCAL) As fromhere youcan browse or connectto your terminal server

Recommended

Azure Forensics & Incident Response
Azure Forensics & Incident ResponseAzure Forensics & Incident Response
Azure Forensics & Incident Response
Christopher Doman
 
Private Cloud Architecture
Private Cloud ArchitecturePrivate Cloud Architecture
Private Cloud Architecture
Derek Keats
 
Techowl- Wazuh.pdf
Techowl- Wazuh.pdfTechowl- Wazuh.pdf
Techowl- Wazuh.pdf
AbhishekChaudhary518667
 
Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)
Cloudflare
 
Basics of ssl
Basics of sslBasics of ssl
Basics of ssl
n|u - The Open Security Community
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 
Cloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 FoundationCloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 Foundation
Ammar Hasayen
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 

Recommended

Azure Forensics & Incident Response
Azure Forensics & Incident ResponseAzure Forensics & Incident Response
Azure Forensics & Incident Response
Christopher Doman
 
Private Cloud Architecture
Private Cloud ArchitecturePrivate Cloud Architecture
Private Cloud Architecture
Derek Keats
 
Techowl- Wazuh.pdf
Techowl- Wazuh.pdfTechowl- Wazuh.pdf
Techowl- Wazuh.pdf
AbhishekChaudhary518667
 
Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)
Cloudflare
 
Basics of ssl
Basics of sslBasics of ssl
Basics of ssl
n|u - The Open Security Community
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 
Cloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 FoundationCloud Reference Architecture - Part 1 Foundation
Cloud Reference Architecture - Part 1 Foundation
Ammar Hasayen
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 
How to implement Keycloak authentication in React.pptx
How to implement Keycloak authentication in React.pptxHow to implement Keycloak authentication in React.pptx
How to implement Keycloak authentication in React.pptx
Knoldus Inc.
 
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
Amazon Web Services Korea
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
NetProtocol Xpert
 
Cloud security (domain6 10)
Cloud security (domain6 10)Cloud security (domain6 10)
Cloud security (domain6 10)
Maganathin Veeraragaloo
 
OCI Overview
OCI OverviewOCI Overview
OCI Overview
Kamil Wieczorek
 
Container Security
Container SecurityContainer Security
Container Security
Amazon Web Services
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
Ninh Nguyen
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptx
ahmad661583
 
Fortinet
FortinetFortinet
Fortinet
Petre-doru Dragus
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips
Mario Worwell
 
Domain Driven Data: Apache Kafka® and the Data Mesh
Domain Driven Data: Apache Kafka® and the Data MeshDomain Driven Data: Apache Kafka® and the Data Mesh
Domain Driven Data: Apache Kafka® and the Data Mesh
confluent
 
Apache metron - An Introduction
Apache metron - An IntroductionApache metron - An Introduction
Apache metron - An Introduction
Baban Gaigole
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
Kiran Kumar
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloud
Priyanka Aash
 
What is private cloud Explained
What is private cloud ExplainedWhat is private cloud Explained
What is private cloud Explained
jeetendra mandal
 
Identity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityIdentity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibility
Ryan Dawson
 
Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptx
Mohit Chhabra
 
Introduction to Google Cloud Platform
Introduction to Google Cloud PlatformIntroduction to Google Cloud Platform
Introduction to Google Cloud Platform
Sujai Prakasam
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio update
Atanas Gergiminov
 
What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?
pqrs1234
 
How To Install and Configure Splunk on RHEL 7 in AWS
How To Install and Configure Splunk on RHEL 7 in AWSHow To Install and Configure Splunk on RHEL 7 in AWS
How To Install and Configure Splunk on RHEL 7 in AWS
VCP Muthukrishna
 
How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7
VCP Muthukrishna
 

More Related Content

What's hot

How to implement Keycloak authentication in React.pptx
How to implement Keycloak authentication in React.pptxHow to implement Keycloak authentication in React.pptx
How to implement Keycloak authentication in React.pptx
Knoldus Inc.
 
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
Amazon Web Services Korea
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
NetProtocol Xpert
 
Cloud security (domain6 10)
Cloud security (domain6 10)Cloud security (domain6 10)
Cloud security (domain6 10)
Maganathin Veeraragaloo
 
OCI Overview
OCI OverviewOCI Overview
OCI Overview
Kamil Wieczorek
 
Container Security
Container SecurityContainer Security
Container Security
Amazon Web Services
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
Ninh Nguyen
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptx
ahmad661583
 
Fortinet
FortinetFortinet
Fortinet
Petre-doru Dragus
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips
Mario Worwell
 
Domain Driven Data: Apache Kafka® and the Data Mesh
Domain Driven Data: Apache Kafka® and the Data MeshDomain Driven Data: Apache Kafka® and the Data Mesh
Domain Driven Data: Apache Kafka® and the Data Mesh
confluent
 
Apache metron - An Introduction
Apache metron - An IntroductionApache metron - An Introduction
Apache metron - An Introduction
Baban Gaigole
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
Kiran Kumar
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloud
Priyanka Aash
 
What is private cloud Explained
What is private cloud ExplainedWhat is private cloud Explained
What is private cloud Explained
jeetendra mandal
 
Identity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityIdentity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibility
Ryan Dawson
 
Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptx
Mohit Chhabra
 
Introduction to Google Cloud Platform
Introduction to Google Cloud PlatformIntroduction to Google Cloud Platform
Introduction to Google Cloud Platform
Sujai Prakasam
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio update
Atanas Gergiminov
 
What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?
pqrs1234
 

What's hot (20)

How to implement Keycloak authentication in React.pptx
How to implement Keycloak authentication in React.pptxHow to implement Keycloak authentication in React.pptx
How to implement Keycloak authentication in React.pptx
 
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
AWS 기반 문서중앙화 솔루션 구축 방안::이덕재::AWS Summit Seoul 2016
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
 
Cloud security (domain6 10)
Cloud security (domain6 10)Cloud security (domain6 10)
Cloud security (domain6 10)
 
OCI Overview
OCI OverviewOCI Overview
OCI Overview
 
Container Security
Container SecurityContainer Security
Container Security
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptx
 
Fortinet
FortinetFortinet
Fortinet
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips
 
Domain Driven Data: Apache Kafka® and the Data Mesh
Domain Driven Data: Apache Kafka® and the Data MeshDomain Driven Data: Apache Kafka® and the Data Mesh
Domain Driven Data: Apache Kafka® and the Data Mesh
 
Apache metron - An Introduction
Apache metron - An IntroductionApache metron - An Introduction
Apache metron - An Introduction
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloud
 
What is private cloud Explained
What is private cloud ExplainedWhat is private cloud Explained
What is private cloud Explained
 
Identity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibilityIdentity management and single sign on - how much flexibility
Identity management and single sign on - how much flexibility
 
Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptx
 
Introduction to Google Cloud Platform
Introduction to Google Cloud PlatformIntroduction to Google Cloud Platform
Introduction to Google Cloud Platform
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio update
 
What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?
 

Similar to Sophos XG FIREWALL SSL VPN Configuration

How To Install and Configure Splunk on RHEL 7 in AWS
How To Install and Configure Splunk on RHEL 7 in AWSHow To Install and Configure Splunk on RHEL 7 in AWS
How To Install and Configure Splunk on RHEL 7 in AWS
VCP Muthukrishna
 
How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7
VCP Muthukrishna
 
penetration testing - black box type.
penetration testing - black box type.penetration testing - black box type.
penetration testing - black box type.
luigi capuzzello
 
connectivity_service.pdf
connectivity_service.pdfconnectivity_service.pdf
connectivity_service.pdf
Jagadish Babu
 
How To Install and Configure Apache SSL on CentOS 7
How To Install and Configure Apache SSL on CentOS 7How To Install and Configure Apache SSL on CentOS 7
How To Install and Configure Apache SSL on CentOS 7
VCP Muthukrishna
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-review
Rayan Darine
 
How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...
How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...
How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...
Cloudian
 
How to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu osHow to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu os
VCP Muthukrishna
 
Installation and c onfiguration
Installation and c onfigurationInstallation and c onfiguration
Installation and c onfiguration
bispsolutions
 
Jfrog artifactory as private docker registry
Jfrog artifactory as private docker registryJfrog artifactory as private docker registry
Jfrog artifactory as private docker registry
Vipin Mandale
 
Presentation hybrid cloud
Presentation hybrid cloudPresentation hybrid cloud
Presentation hybrid cloud
Karan Chhabra
 
Site-to-Site VPN (IPSec)--12345 Best.pdf
Site-to-Site VPN (IPSec)--12345 Best.pdfSite-to-Site VPN (IPSec)--12345 Best.pdf
Site-to-Site VPN (IPSec)--12345 Best.pdf
Mohammed Akbar Ali
 
How To Configure FirewallD on RHEL 7 or CentOS 7
How To Configure FirewallD on RHEL 7 or CentOS 7How To Configure FirewallD on RHEL 7 or CentOS 7
How To Configure FirewallD on RHEL 7 or CentOS 7
VCP Muthukrishna
 
Cohesive networks Support Docs: VNS3:turret WAF Guide
Cohesive networks Support Docs: VNS3:turret WAF GuideCohesive networks Support Docs: VNS3:turret WAF Guide
Cohesive networks Support Docs: VNS3:turret WAF Guide
Cohesive Networks
 
Oracle WebLogic
Oracle WebLogicOracle WebLogic
Oracle WebLogic
Anar Godjaev
 
Complete-NGINX-Cookbook-2019.pdf
Complete-NGINX-Cookbook-2019.pdfComplete-NGINX-Cookbook-2019.pdf
Complete-NGINX-Cookbook-2019.pdf
TomaszWojciechowski22
 
How to configure cisco asa virtual firewall
How to configure cisco asa virtual firewallHow to configure cisco asa virtual firewall
How to configure cisco asa virtual firewall
IT Tech
 
wazuh-installation-and-configuration.pdf
wazuh-installation-and-configuration.pdfwazuh-installation-and-configuration.pdf
wazuh-installation-and-configuration.pdf
Shadowman Kung
 
Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6
Aruba, a Hewlett Packard Enterprise company
 
Fortinet SSL VPN access
Fortinet SSL VPN accessFortinet SSL VPN access
Fortinet SSL VPN access
Naseem Khoodoruth
 

Similar to Sophos XG FIREWALL SSL VPN Configuration (20)

How To Install and Configure Splunk on RHEL 7 in AWS
How To Install and Configure Splunk on RHEL 7 in AWSHow To Install and Configure Splunk on RHEL 7 in AWS
How To Install and Configure Splunk on RHEL 7 in AWS
 
How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7
 
penetration testing - black box type.
penetration testing - black box type.penetration testing - black box type.
penetration testing - black box type.
 
connectivity_service.pdf
connectivity_service.pdfconnectivity_service.pdf
connectivity_service.pdf
 
How To Install and Configure Apache SSL on CentOS 7
How To Install and Configure Apache SSL on CentOS 7How To Install and Configure Apache SSL on CentOS 7
How To Install and Configure Apache SSL on CentOS 7
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-review
 
How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...
How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...
How to become cloud backup provider with Cloudian HyperStore and CloudBerry L...
 
How to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu osHow to install and configure firewall on ubuntu os
How to install and configure firewall on ubuntu os
 
Installation and c onfiguration
Installation and c onfigurationInstallation and c onfiguration
Installation and c onfiguration
 
Jfrog artifactory as private docker registry
Jfrog artifactory as private docker registryJfrog artifactory as private docker registry
Jfrog artifactory as private docker registry
 
Presentation hybrid cloud
Presentation hybrid cloudPresentation hybrid cloud
Presentation hybrid cloud
 
Site-to-Site VPN (IPSec)--12345 Best.pdf
Site-to-Site VPN (IPSec)--12345 Best.pdfSite-to-Site VPN (IPSec)--12345 Best.pdf
Site-to-Site VPN (IPSec)--12345 Best.pdf
 
How To Configure FirewallD on RHEL 7 or CentOS 7
How To Configure FirewallD on RHEL 7 or CentOS 7How To Configure FirewallD on RHEL 7 or CentOS 7
How To Configure FirewallD on RHEL 7 or CentOS 7
 
Cohesive networks Support Docs: VNS3:turret WAF Guide
Cohesive networks Support Docs: VNS3:turret WAF GuideCohesive networks Support Docs: VNS3:turret WAF Guide
Cohesive networks Support Docs: VNS3:turret WAF Guide
 
Oracle WebLogic
Oracle WebLogicOracle WebLogic
Oracle WebLogic
 
Complete-NGINX-Cookbook-2019.pdf
Complete-NGINX-Cookbook-2019.pdfComplete-NGINX-Cookbook-2019.pdf
Complete-NGINX-Cookbook-2019.pdf
 
How to configure cisco asa virtual firewall
How to configure cisco asa virtual firewallHow to configure cisco asa virtual firewall
How to configure cisco asa virtual firewall
 
wazuh-installation-and-configuration.pdf
wazuh-installation-and-configuration.pdfwazuh-installation-and-configuration.pdf
wazuh-installation-and-configuration.pdf
 
Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6
 
Fortinet SSL VPN access
Fortinet SSL VPN accessFortinet SSL VPN access
Fortinet SSL VPN access
 

More from Naseem Khoodoruth

Azure File Share and File Sync guide (Beginners Edition)
Azure File Share and File Sync guide (Beginners Edition)Azure File Share and File Sync guide (Beginners Edition)
Azure File Share and File Sync guide (Beginners Edition)
Naseem Khoodoruth
 
How to install and use MS Teams for meeting and live events
How to install and use MS Teams for meeting and live eventsHow to install and use MS Teams for meeting and live events
How to install and use MS Teams for meeting and live events
Naseem Khoodoruth
 
How to install and use microsoft teams for beginners
How to install and use microsoft teams for beginnersHow to install and use microsoft teams for beginners
How to install and use microsoft teams for beginners
Naseem Khoodoruth
 
Work from home under the lockdown
Work from home under the lockdownWork from home under the lockdown
Work from home under the lockdown
Naseem Khoodoruth
 
Powershell direct
Powershell directPowershell direct
Powershell direct
Naseem Khoodoruth
 
Exchange 2010/2013 Exchange Management Shell Command
Exchange 2010/2013 Exchange Management Shell CommandExchange 2010/2013 Exchange Management Shell Command
Exchange 2010/2013 Exchange Management Shell Command
Naseem Khoodoruth
 
Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)
Naseem Khoodoruth
 
Implementation of Scom 2016
Implementation of Scom 2016 Implementation of Scom 2016
Implementation of Scom 2016
Naseem Khoodoruth
 
Sophos_XG_Firewall_Certified_Engineer v15.0
Sophos_XG_Firewall_Certified_Engineer v15.0Sophos_XG_Firewall_Certified_Engineer v15.0
Sophos_XG_Firewall_Certified_Engineer v15.0
Naseem Khoodoruth
 
Backup Exec 15 VSEPlus
Backup Exec 15 VSEPlusBackup Exec 15 VSEPlus
Backup Exec 15 VSEPlus
Naseem Khoodoruth
 
Backup Exec 15 VSE
Backup Exec 15 VSEBackup Exec 15 VSE
Backup Exec 15 VSE
Naseem Khoodoruth
 
CP250915V3.1EL14818
CP250915V3.1EL14818CP250915V3.1EL14818
CP250915V3.1EL14818
Naseem Khoodoruth
 
DSST0214WBTS - Dell Support Services training.PDF
DSST0214WBTS - Dell Support Services training.PDFDSST0214WBTS - Dell Support Services training.PDF
DSST0214WBTS - Dell Support Services training.PDF
Naseem Khoodoruth
 
MCSA Office 365
MCSA Office 365MCSA Office 365
MCSA Office 365
Naseem Khoodoruth
 

More from Naseem Khoodoruth (14)

Azure File Share and File Sync guide (Beginners Edition)
Azure File Share and File Sync guide (Beginners Edition)Azure File Share and File Sync guide (Beginners Edition)
Azure File Share and File Sync guide (Beginners Edition)
 
How to install and use MS Teams for meeting and live events
How to install and use MS Teams for meeting and live eventsHow to install and use MS Teams for meeting and live events
How to install and use MS Teams for meeting and live events
 
How to install and use microsoft teams for beginners
How to install and use microsoft teams for beginnersHow to install and use microsoft teams for beginners
How to install and use microsoft teams for beginners
 
Work from home under the lockdown
Work from home under the lockdownWork from home under the lockdown
Work from home under the lockdown
 
Powershell direct
Powershell directPowershell direct
Powershell direct
 
Exchange 2010/2013 Exchange Management Shell Command
Exchange 2010/2013 Exchange Management Shell CommandExchange 2010/2013 Exchange Management Shell Command
Exchange 2010/2013 Exchange Management Shell Command
 
Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)
 
Implementation of Scom 2016
Implementation of Scom 2016 Implementation of Scom 2016
Implementation of Scom 2016
 
Sophos_XG_Firewall_Certified_Engineer v15.0
Sophos_XG_Firewall_Certified_Engineer v15.0Sophos_XG_Firewall_Certified_Engineer v15.0
Sophos_XG_Firewall_Certified_Engineer v15.0
 
Backup Exec 15 VSEPlus
Backup Exec 15 VSEPlusBackup Exec 15 VSEPlus
Backup Exec 15 VSEPlus
 
Backup Exec 15 VSE
Backup Exec 15 VSEBackup Exec 15 VSE
Backup Exec 15 VSE
 
CP250915V3.1EL14818
CP250915V3.1EL14818CP250915V3.1EL14818
CP250915V3.1EL14818
 
DSST0214WBTS - Dell Support Services training.PDF
DSST0214WBTS - Dell Support Services training.PDFDSST0214WBTS - Dell Support Services training.PDF
DSST0214WBTS - Dell Support Services training.PDF
 
MCSA Office 365
MCSA Office 365MCSA Office 365
MCSA Office 365
 

Recently uploaded

UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
flufftailshop
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Jeffrey Haguewood
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
saastr
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 

Recently uploaded (20)

UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 

Sophos XG FIREWALL SSL VPN Configuration

  • 1. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 1 SOPHOS XG FIREWALL Contents SOPHOS XG FIREWALL .......................................................................................................................................... 1 Configure and enable Single Sign-on (SSO) ......................................................................................................... 2 Install Agent on Primary Domain Controller .................................................................................................... 2 Setup VPN on the XG Firewall................................................................................................................................ 7 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) ........................................................... 11
  • 2. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 2 Configure and enable Single Sign-on (SSO) Install Agent on Primary Domain Controller Downloadandinstall STASonthe domaincontroller Port shouldbe openonAD: AD= XG UDP 6060, XG = AD UDP 6677, Agent= collectorTCP5566 Install the STASsuite onthe Primary DomainController
  • 3. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 3 Specifythe networktomonitorandSTA collector Once configure testthe connectivitywiththe SophosAppliance,if youhave additional domaincontrollerdeploy STASagent andspecifycollectorthe primarydomaincontroller
  • 4. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 4 Enable STASon the XG Firewall GO to authentication Addyou active directoryserver
  • 5. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 5 Addthe serverfor authentication In Active directorycreate asecuritygroupandadd memberswhichwill be allow forSSLVPN Afterimportthe SSL VPN Users group to XG Firewall
  • 6. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 6
  • 7. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 7 Setup VPN on the XG Firewall For accessto VPN the VPN port and userportal mustbe openfromthe wan to downloadinstaller,configurationand access (inmyscenarioport444 and 8443 has beenopenonthe ISPRouter – PortForwarding) Configure SSLVPN(remote access) andin the Policymembersaddthe SSLVPN Usersgroup that needVPN Access
  • 8. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 8 Enable the tunnel accessforyour office network Gatewaycan be turnoff if clientside will use theirWAN (example:theirmytathome) Setupthe VPN settings
  • 9. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 9 Create the Firewall Rule
  • 10. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 10 Allowaccesstouserportal andssl vpnfromWAN
  • 11. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 11 How to use SSL VPN through Sophos XG Firewall (Join Domain Computers) Work outside the Office Securely Connectto the publicname and downloadyoursetup+ configurationfile Importantnote: each userhas to downloadtheirownsetupandconfigurationfile URL: https://example.dyndns.biz:444 Loginto the portal usingyourusername andpassword Go to SSL VPN and downloadclientandconfigurationforwindows
  • 12. WorkingfromHome using SOPHOSXG FIREWALL SSL VPN withSingle-On NASEEMKHOODORUTH 12 Afterdownload,proceedwithinstallationof the SSLVPN client(Install) Afterinstallation,lookforthe icon rightclickandconnect (Internetconnectionisrequired) Enter yourwindowsusername andpassword Once you are connect the iconwill change fromred to green - now you are connectedwiththe server (xxxx.LOCAL) As fromhere youcan browse or connectto your terminal server