Hi,
We have recently migrated from Cyberoam to XG and one thing I want to do this time is setup Certs properly (we're a MSP who inherited Cyberoam). I'm ok with all the different types of Certs etc. (from having to manage them for websites, Exchange Server etc.), so I'm really looking for specifically Sophos XG best practices.
I want to get rid of all cert warnings for all access. These ones spring to mind:
Web Admin (local and remote): would need to be internally and externally resolvable FQDN: fwadmin.domain.com for example
Captive Portal: for both unauthenticated domain-joined and non-domain-joined devices (Guest WiFi for example):
I've done the process using a Self-Signed cert for now and deployed the Default XG CA Cert using GPO. I used the Sophos Guide so had the FW hostname and local IP address in the Cert. Captive Portal is currently set to redirect to the LAN IP address which obviously won't work as you can't have hostnames or IP in Certs anymore so has to be FQDN.
Thanks
This thread was automatically locked due to age.
