SSL Certificate for VPN, User Portal and Quarantine Digest.

Question

Hi 
 I am just wondering if somebody could enlighten me a bit. I am new to Sophos XG. 
 
 I am looking to setup client-site SSL VPN's. So I am going to buy a certificate for this. I also want this certificate to serve the user portal as well. So that when staff login to this it doesn't say "Untrusted website, are you sure you want to continue etc..." 
 My questions are: 
 1. Can the same certificate serve both VPN's and the user portal? If the user portal was on https://remote.mydomain.co.uk (443) what port/address will the VPN use? Can it use the same address? 
 2. How do clients download the SSL VPN client from the XG? Is there a webpage they must visit? If so, can the certificate protect this also? What address would it use? 
 3. The quarantine digest email currently includes our public interface as the user portal link, so that users can release email whilst on the move (outside of the network). Can my new certificate protect both the remote.mydomain.co.uk hostname and the IP address at the same time? 
 
 Thank you for your help in advance. Sorry if this is a duplicate post.

lferrara · Answer

Ben, 
 for the SSL VPN, XG listens on tcp 8443 and cannot be changed at the moment. In order to choose which certificate to use for SSL VPN, go to VPN > Show VPN settings > SSL 
 For the User Portal, you can change the port and certificate been used under Administration > Admin Settings 
 Users can download the SSL VPN from User portal (https://WANADDRESS) 
 For the Email, you can change the TSL Certificate under Email > General Settings > SMTPS 
 Regards

Aditya Patel · Answer

Hi Ben, 
 You may use the same SSL certificate and upload onto both devices and will work for both SSL VPN portal and User portal.