Overview

L2TP over IPSec is a combination of the Layer 2 Tunneling Protocol and of the IPSec standard protocol. L2TP over IPSec allows you, while providing the same functions as PPTP, to give individual hosts access to your network through an encrypted IPSec tunnel. The structure is described in the following chart. After following the digital certificate option in the article Sophos XG Firewall: How to configure an L2TP VPN remote access, in the XG WebAdmin, go to Certificates Certificates and click the download icon of the self-signed certificate that was created. The file has a.tar.gz file extension.

• This article describe the steps to configure RDP Bookmarks with Clientless Access VPN (HTML5).

Bookmark creation

• Go to VPN -> Bookmarks and then click Add.
• For the Type field, choose RDP.
• The URL field should be the IP address of the workstation or server that will be accessed via RDP session.
• Click Save.

Clientless Access VPN creation

• Go to VPN -> Clientless Access, click Add and then enter the parameter as shown below.

Sophos XG Firewall: L2TP または PPTP VPN ユーザーの認証方法を設定する手順 ご意見・お問い合わせ この文章に関して誤りやお気づきの点などがございましたら、下記のセクションを使用して、この文章に関する評価とコメントをお知らせください。. Enter the Username and Password of the L2TP user to connect with the L2TP connection. The above configuration establishes an L2TP connection between Sophos and a Windows 8.1 machine. Related information. Sophos Firewall: How to view VPN logs from the console; Sophos XG Firewall: How to configure an L2TP server; Feedback and contact.

• Click Apply.

Accessing the RDP Bookmark

• Login to the User Portal using the login credentials of the user that is allowed to use the RDP Bookmark.
• Click on SSL VPN. The created RDP Bookmark is displayed under Clientless Access Connections section.

• Click on the RDP Bookmark that was created. It will then direct you to the RDP session for the configured workstation or server.
• Note: You must be allowed Remote Desktop service on Workstation or Server to use RDP Bookmarks.

Result

• You will successfully access your workstation or server by HTML via RDP.

Overview

Sophos Xg L2tp Setup

• The article describes how to configure an L2TP VPN connection between a Sophos XG Firewall and Microsoft Windows 10.

L2tp Windows 10 Sophos Xg

Windows 10 configuration

Change the default authentication mechanism to pre-shared key

Sophos Xg L2tp Radius

• In the search section of the windows 10 desktop, type “firewall” and then click on Windows Defender Firewall with Advanced Security.
• In the Windows Defender Firewall with Advanced Security, click Propertise.
• Switch to the IPSec Setting tab and under IPSec Default click Cutomize.
• Under Authentication method, click Advanced and then click Cutomize.
• Select the current First authentication method, in this case, it is Computer (Kerberos V5) and click Remove.
• Click Add to add another First authentication method.
• In the Add First Authentication Method screen, select Preshared Key and specify the Preshared Key configured in the Sophos XG Firewall.
• Click OK in all the cascading windows.
  Note: Make sure that IPSec Policy Agent and IKEand AuthIP IPSec Keying Modules in the machine are running without error.

Sophos Xg L2tp Site To Site

Create the L2TP Connection on the end user’s machine

• On the desktop, right-click on the Windows button and click on Network Connections.
• Click on VPN and then click on Add a VPN connection.
• Configure the following and then click Save.

• Click on the new connection that was created and then click Connect.
• Enter the username and password of the L2TP user to connect with the L2TP connection and then click OK.

• The above configuration establishes an L2TP connection between the Sophos XG Firewall and a Windows 10 machine.