Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 654 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best practice for pushing out SSL VPN Remote client when users can’t come into the office

Gavin Steiner1

I’m new to Sophos XGS devices. Our client prefers their devices and we’re replacing an old device their former MSP has locked down.

All users have laptops out in the field with the ssl client pointing to the “old” device. I’ve configured the new XGS 126 for SSL remote access but the users can’t come into th office for installation of the new installer. 

Since it’s bad practice to open the end user portal from the WAN interface can anyone recommend an efficient way to get each laptop configured with the new client/settings?

We could script anything we need to but I’ve read that it’s not really a scriptable installation.

any advice would be appreciated.

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    The recommended settings is to open User Portal to WAN. I would recommend to use a non https port (like 444 or 4443) simply to avoid the basic port scanner in the first place. 

    The user portal is harden and also 2FA should be enabled on User portal. 

    Use Sophos Connect and the provisioning file to simplify the process. 

Reply
  • 0

    The recommended settings is to open User Portal to WAN. I would recommend to use a non https port (like 444 or 4443) simply to avoid the basic port scanner in the first place. 

    The user portal is harden and also 2FA should be enabled on User portal. 

    Use Sophos Connect and the provisioning file to simplify the process. 

Children
No Data