Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall, remote IPsec VPN users

Hi,

Is it possible for the vpn clients to have multiple policies?

I would really like to combine the benefits of a always on VPN with a connect on demand VPN.

The problem i find mostly with home working is users having limited exposure to the office service based servers in particularly our DC's, Group Policies and WSUS (Windows Update Server).  Maybe i can make the Windows update server accessible by the outside word, that would resolve that but i would still have the issue with Active Directory and Group Policies.

However i don't like the idea of full visibility of our file servers 24/7.  This is just asking for trouble and maximises exposure of company and client data.

So what i would like to do, is use always on VPN for the DC's and WSUS server and use a connect on demand VPN for accessing file servers over SMB, with a idle timeout.

Is this possible?

Thanks.



This thread was automatically locked due to age.
  • Hello Chris,

    Thank you for contacting the Sophos Community!

    Currently, this is not possible, you could, however, create Firewall rules based on Time of the days, so allow access to your servers from 9-5 for example. 

    I would recommend you to check the upcoming ZTNA, and enroll in the EAP, as this might help you achieve what you are looking for. 

    Regards,