Press "Enter" to skip to content

SOPHOS XG: clientless access


Clientless access presentation

Client-free access to Sophos XG firewalls allows connections to corporate servers without a VPN client by going directly through an internet browser as Citrix does.

Clientless access configure

Firewall configuration

1. Go to the firewall administration interface.
Connexion au Sophos XG

2. From the navigation menu go to Administration 1 / Device Access 2 and verify that the User Portal 3 is available from the WAN interface. If not, check the box and click Apply 4.
Autoriser l'accès sans client depuis le WAN

3. From the navigation menu go to Administration 1 / Administration Parameter 2 and note the port of the user portal 3.
Vérification du port pour le portail

4. Before configuring access to the portal, you must declare a Favorite, here the server that you want to make available via the portal. Go to VPN 1 / Favorites 2 and click the Add button 3.
Favoris pour accès

5. Enter a Name 1 and a description 2 to identify the resource. Choose the type RDP 3, enter the IP address of the server 4, port enter the port RDP 5 (default 3389) and click Save 6.
Ajout d'un serveur

6. Server 1 is added to favorites.
Serveur ajouté

7. Now, you have to configure a clientless access to which we will define the available favorites. Click on VPN 1 / Clientless Access 2 / Add 3.
Listes des accès

8. Enter a name 1 and description 2. Select in which the strategy should be applied 3 and resources (bookmarks) published 4 (here the server) and click Apply 5.
Ajout d'un acces

9. Confirm the application of the policy by clicking OK 1.
Confirmer l'application de la stratégie

10. We find the access without client in list 1.
Stratégie ajoutée

Using clientless access

1. From a computer, launch an internet browser (preferably Chrome) and go to the portal

2. Enter the identifiers 1 and click on Connection 2.
Connexion au portail

3. On the navigation menu go to SSL VPN 1. The page displays the clientless access configured in the policy. Click on it 2.
Accéder aux favoris

4. A new window opens, wait while connecting.
Connexion en cours...

5. Switch the keyboard to AZERTY, click on Keyboard 1 / Keyboard Layout 2 / Frech3. Enter login 4 to login.
Passer le clavier en AZERTY

6. Connection established to the server.

Related Posts

Stormshield: url filtering https without decryption
Presentation In this tutorial, we'll see how to set up https url filtering (SSL) without needing to decrypt and therefore deploy the stormshield certificate. This solution does not display a blocking page, users will have a blank page. Implementing h

Sophos XG: Web and application filtering
In this tutorial, we'll see how to put filtering on outgoing streams with a Sophos XG firewall. I will show you the two filter modules: Web: which is an internet proxy Application: level 7 filtering that allows to act the applications and actions ava

Sophos XG configure a DHCP relay
Présentation A DHCP relay is a service that listens for DHCPDISCOVER frames to transfer them to a DHCP server. The DHCP relay avoids installing a DHCP service by network segment (MPLS, VLAN ...). Before configuring the relay firewall, the DHCP servic

Leave a Reply

Your email address will not be published. Required fields are marked *

It looks like you're using an adblocker.
We use ads to keep our content free. Please support us by turning off your adblocker.