XG - UTM Passthrough Equivilient

Go to Certificates / Certificates and upload your purchased certificate there.

Go to Administration / Admin Settings and make sure that your FQDN is set (and covered by your certificate) and Apply.

Go to Administration / Admin Settings and under "Port Settings for Admin Console" select the certificate that you uploaded and Apply.

Make sure your hostname is DNS resolvable.

New for 17.1:

Go to the "Console" (this is not SSH) and type

set proxy_url_use_hostname on

It should now use the hostname (not IP) for redirection (in the types of things that UTM uses passthrough) and it should use that certificate.

Note that in 17.2 we will be improving on the "proxy_url_use_hostname" and bringing it into the UI.

Please see here for more detailed instructions.

https://community.sophos.com/kb/en-us/132058

Thanks Michael,

I understand that this replaces internal links in the XG with names rather than IP.  I'm more interested in the "passthrough" aspect.  As far as I understand it, in UTM when a file is sent to sandstorm it uses an address (213.144.15.19) that usually resolves to passthrough.fw-notify.net, which causes a certificate warning.  In UTM you can set a certificate which points that IP, thereby eliminating the certificate warning if required.

Does the method you're suggesting cover this scenario in XG?

Kind regards

Shaun

Thanks Michael,

I understand that this replaces internal links in the XG with names rather than IP.  I'm more interested in the "passthrough" aspect.  As far as I understand it, in UTM when a file is sent to sandstorm it uses an address (213.144.15.19) that usually resolves to passthrough.fw-notify.net, which causes a certificate warning.  In UTM you can set a certificate which points that IP, thereby eliminating the certificate warning if required.

Does the method you're suggesting cover this scenario in XG?

Kind regards

Shaun