Guest User!
You are not Sophos Staff.
Hello,
Looking for guidance here with VPN and certificate authentication.
We have a client that requires we implement certificate based secondary authentication for the VPN. We currently use LDAP authentication to AD and they want to use certificates for the secondary authentication method.
How can we accomplish this with the Sophos SSL VPN, we're using the Sophos Connect client? There are two XGS 3300's in HA Active/Passive.
Hello Jason,
I believe, that would be a feature request: SSL VPN with Cert base authentication.
You can vote for the feature in the below provided links:
https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/40356229-sophos-ssl-vpn-client
https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/39756232-client-certificate-based-authentication-for-ssl-vp
==================
If a post solves your question please use the 'Verify Answer' button.
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
In that case, check IPsec [Remote access] if that helps?
https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/VPN/SiteToSiteVPN/VPNIPsecConnectionAdd/index.html
It allows you to use the authentication type as Digital certificate.
==========================================================================
If a post solves your question please use the 'Verify Answer' button.
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
True and I wish I could use it now but it won't be available for Hyper-V or Azure until next year. 
