Still in the Authentication tab, leave the default Identification Type for Remote Identity selected as IP Address. Also, leave the Identification type under Local Identity as the default IP Address. Since I am using a preshared key and XAUTH, I have selected that below under the Authentication tab. Under name resolution in my particular config, I setup public DNS resolvers, however, these can be set to any that you wish, or selected to Obtain Automatically which should pull from your Sophos VPN addresses DNS configuration. Leave the default settings under the NAT traversal options
The installer is very small in size and installs in a snap.Īfter installing Shrew Soft, simply create a new connection.
However, as you will see below, you can connect to your IPsec VPN by manually configuring the client to connect to your Sophos UTM.īelow is a quick capture of the Authentication type dropdown where you see you can select between CA DN match, Preshared key, and X509 certificate.īe sure after you click Save on the Access Rule screen, that you enable the VPN by sliding the slider next to the VPN connection over to green, which effectively enables the connection.Īfter you have created a VPN connection on the Sophos side using the settings we mentioned above, you can now begin to setup your Shrew Soft connection via the free Shrew Soft VPN client download which can be found here. ini file from the UTM into the Shrew Soft VPN client. Unfortunately, there is no way to import the downloadable.
The client is quite expensive, especially if you are just purchasing a single seat of the software.
I have tried this process and it is extremely easy and takes care of all the heavy lifting of getting the configuration right, however, the client is downloaded with a 30 day trial license. Sophos offers a VPN client that can easily connect up to your Sophos UTM box by importing an. I want to cover the topic of setting up an IPsec VPN on the Sophos side as well as connecting to your Sophos IPsec VPN using the free Shrew Soft VPN client. The options that exist are SSL, PPTP, L2TP over IPsec, IPsec, HTML5 VPN Portal, and Cisco VPN Client. The Sophos UTM appliance provides a very wide range of remote access options to access your network from a remote location.
I have ran it both in a software based applianced running on a whitebox atom powered machine and also in a VMware virtual machine which is the current configuration I have running due to the great CPU power I have available from my VMware host. So far I have really been impressed with the features and power of the Sophos UTM appliance.