Hi,
We are using a VPN feature with Sophos firewall.
We can use the VPN with Windows and Mac OS(Tunnelblick) environment
But we cannot use the VPN with Android or iOS environment.
Is there any way we can use the VPN with Mobile environment ?
Thank you.
You can with any OpenVNP client app, you generate and download the config file on the firewall and then just import in your mobile device
SSLVPN? Use openvpn connect!
I’m not too familiar with iPhone/iPad apps unfortunately.
Not sure if you followed a guide for your deployment but here’s the official documentation.
Android
https://support.sophos.com/support/s/article/KB-000038870?language=en_US
iOS
https://support.sophos.com/support/s/article/KB-000036418?language=en_US
I also have never used this feature, especially with the recent attack trends against SSL VPN services, I did read the documentation at some point hence I was able to give you that answer.
My suggestion is that if following the guides in the docs doesn’t work, reach out to support.
Use UDP and port 8443. If your firewall has a WAN port with a private address, use Override hostname and put the public IP address of your internet connection there. Instruct your router/modem to send all incoming traffic to the firewall, or at least port 8443. Install OpenVPN and the .ovpn file from the VPN portal on the i-Devices.
We had issues with iOS, could not use OpenVPN so we switched to Passepartout. On Android OpenVPN works without issues.
From mobile through browser navigate to portal to download config and just load it in VPN client.
We have tried ‘Open VPN’ app from app store and google play.
But is didn’t work.
Can you recommend any other open VPN app for iOS ?
Thank you.
Hi, Thank you for your response.
We have tried use ‘Open VPN’ App.
But it didn’t work.
Thank you.
What happens with iOS and OpenVPN is that connection is established but routes are not propagated and traffic flow is not working. This might be fixed on latest version of firmware for UTM, we are couple of versions behind. As someone mentioned your other option is to adjust config files, but I think using another client as Passepartout is much easier, at least until you perform updates on your UTM.
It does work. I have it running on my Android phone right now.
What version of SFOS you on? You might have the retry bug in the configs and will need to tweak based on your version. Latest MR builds have fix.