SOPHOS XG: clientless access

Clientless access presentation

Client-free access to Sophos XG firewalls allows connections to corporate servers without a VPN client by going directly through an internet browser as Citrix does.

Clientless access configure

Firewall configuration

1. Go to the firewall administration interface.
Connexion au Sophos XG

2. From the navigation menu go to Administration 1 / Device Access 2 and verify that the User Portal 3 is available from the WAN interface. If not, check the box and click Apply 4.
Autoriser l'accès sans client depuis le WAN

3. From the navigation menu go to Administration 1 / Administration Parameter 2 and note the port of the user portal 3.
Vérification du port pour le portail

4. Before configuring access to the portal, you must declare a Favorite, here the server that you want to make available via the portal. Go to VPN 1 / Favorites 2 and click the Add button 3.
Favoris pour accès

5. Enter a Name 1 and a description 2 to identify the resource. Choose the type RDP 3, enter the IP address of the server 4, port enter the port RDP 5 (default 3389) and click Save 6.
Ajout d'un serveur

6. Server 1 is added to favorites.
Serveur ajouté

7. Now, you have to configure a clientless access to which we will define the available favorites. Click on VPN 1 / Clientless Access 2 / Add 3.
Listes des accès

8. Enter a name 1 and description 2. Select in which the strategy should be applied 3 and resources (bookmarks) published 4 (here the server) and click Apply 5.
Ajout d'un acces

9. Confirm the application of the policy by clicking OK 1.
Confirmer l'application de la stratégie

10. We find the access without client in list 1.
Stratégie ajoutée

Using clientless access

1. From a computer, launch an internet browser (preferably Chrome) and go to the portal

2. Enter the identifiers 1 and click on Connection 2.
Connexion au portail

3. On the navigation menu go to SSL VPN 1. The page displays the clientless access configured in the policy. Click on it 2.
Accéder aux favoris

4. A new window opens, wait while connecting.
Connexion en cours...

5. Switch the keyboard to AZERTY, click on Keyboard 1 / Keyboard Layout 2 / Frech3. Enter login 4 to login.
Passer le clavier en AZERTY

6. Connection established to the server.

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

We are sorry that this post was not useful for you!

Let us improve this post!

Related Posts

RDS Farm: High Availability Service Broker Configuration
As a follow-up to the article: Deploy a RDS Windows 2012 R2 / 2016/2019 farm, we will see in this tutorial how to configure the high availability service broker. This configuration is optimized for clients use as address of connection to the RDS serv

Sophos XG: add a host
On the Sophos XG firewall, it is necessary in certain cases to declare the host so that it can be used in the firewall rules. 1. From the interface, go to Hosts and Services << 1 >>, IP Host Tab << 2 >> and click Add <<

Sophos XG high traffic on the BITS application
Symptom The Windows and Office 2016 updates use the operating system BITS to download the updates. The passage in the proxy of the firewall and the antivirus scan "prevents" the download and it runs in a loop saturating the tape.. You can see on the

Leave a Comment