As many of you know I have been a big fan of Sophos XG for some time now.  As I am concerned about security and privacy, I am constantly looking for new ways of exploiting the tools I have to make my internet experience more secure.  Below is a guide that steps you through the setup process of creating a VPN connection using Sophos XG.  It may seem complicated with a few steps needed to configure, but once you go through the setup, you will see the logic behind their approach and it should become easier.  Remember when creating the VPN profile to take advantage of the tunneling feature for greater security when using your mobile device on public WiFi.




Flowchart of the steps needed to setup Sophos VPN.


Sophos VPN Setup

  • Create or Modify a user
    • Name and password
    • Select User Type
    • Type Email
    • Select Group (Default of Open Group



  • SSL VPN – Create New (This profile can be used for multiple users)
    • Name and Optional Description
    • Select the new user or user you have already created
    • Recommend using this as a default gateway if you want to control traffic and security
    • Select the permitted resources that the user is allowed to access


  • Firewall Rule
    • Need to create a VPN That allow traffic from the VPN zone to the network and bind it to a user
    • You should use “Match User” and assign user(s)


Optional Steps

  • VPN Configuration Settings (Optional changes as needed)
    • You can make global changes to your VPN such as IP range


  • Optional Items to configure
    • If you need to access the Admin Console or the User portal from the VPN you need to make changes to the “Device Access” located under Administration.