Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 468 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG SSL VPN using slower WAN connection

Khan Tomlinson

Hi,

We have two WAN feed on our Sophos, a primary Leased line and a backup FTTC line.  When downloading the SSL VPN config file, it appears that backup FTTC line is the first connection it will try.  Due to the restricted upload speed on the FTTC line this isn't ideal.  It does appear that we can manually alter the config file so that leased line is the first connection attempted, however this would need to be repeated for every user.

Does anyone have suggestions as to how we set the primary gateway IP for SSL VPN connections so that all future connections try and connect to the leased line first?

Sophos XG firmware is SFOS 18.5.2 MR-2-Build380.

Thank in advance



This thread was automatically locked due to age.
Parents
  • +1

    Hello,

    Greetings!

    Currently, we do not have provision to automate it. However, if you wish every client should connect to the primary leased line. We can set the hostname in SSL VPN configuration from Configure -> VPN -> Show VPN settings. Set the hostname with the IP address of your primary leased line. You shall have to reimport the configuration file to every user.

    Note: In case if the primary leased line fails, it will not connect to alternate service provider available. 

    Regards,

    Mayur Makvana

    Mayur Makvana
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to MayurMakvana

    That worked, but is a little counterintuitive as that is the "override hostname" field and our hostname is correct, but that will do it for now.  Thanks for the tip!

Reply Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?