Sophos Firewall: How to configure SSL VPN client in Ubuntu.


With remote access policies, you can provide access to network resources by individual hosts over the internet using point-to-point encrypted tunnels. Remote access requires SSL certificates and a user name and password.

Users can download a customized SSL VPN client software bundle from the user portal. The bundle includes an SSL VPN client, SSL certificates, and a configuration. The client supports many common business applications. Remote access policies use OpenVPN, a full-featured SSL VPN solution.

The article will guide you how to configure SSL VPN client in Ubuntu, connect to VPN using OpenVPN application.


Step 1: Configure SSL VPN (Remote Access)

You can refer to the steps to configure SSL VPN via the following link:

Follow the instructions from step 1 to step 5.

Step 2: Download Configuration File SSL VPN.

On Ubuntu Desktop, log in to the User Portal. Use IP WAN Sophos.

Select Download configuration for other OSs.

After downloading, you will have a file _ssl_vpn_config.ovpn.

Step 3: Connect SSL VPN with OpenVPN.

Note: You should install the OpenVPN software on Ubuntu if it has not been installed before. You can refer to the steps to install OpenVPN on Ubuntu on other websites.

After the installation is done. On Ubuntu Desktop, open Terminal. If you are a normal user, you need to switch to the root user to have full installation rights with the “sudo su” command and enter the password for the normal user.

Go to the Downloads folder or the folder where the _ssl_vpn_config.ovpn file you just downloaded in step 2 is saved.

Example: cd /home/john/Downloads/ -> ls

You should see the file john_ssl_vpn_config.ovpn.

Enter command: openvpn –config <configuration file>.

Ex: openvpn –config john_ssl_vpn_config.ovpn

Enter the Username and Password for User configured in step 1.

When the log shows the message Initialization Sequence Completed, SSL VPN connection is successful. When connecting you should leave this Terminal tab and open another Terminal tab to use.

IP check on Ubuntu has 1 ip Tun0 assigned in SSL IP range configured in step 1.

Check on Sophos Firewall. You go to Current Activities > Live User.

A connected User is John.

To exit the SSL VPN connection. On Terminal tab is connecting press Ctrl + C. Log “process exiting” shows that the connection has been disconnected. If you want to reconnect use the command openvpn –config john_ssl_vpn_config.ovpn.

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.