VPN: Allow UTM to act as a VPN Client
Add a VPN Client support such as L2TP inside ASG so it can connect to a VPN solution without needing to setup Site2Site.
Braedon King commented
Add one for the PPTP/OpenVPN/L2TP client unbound from a physical interface like a modem, the same as any linux ordinary distro would do on the ppp0 interface.
Useful for interfacing with dissimilar remote hardware that we have no control over, or in my case, where the client (UTM) is on mobile broadband, doesn't have a fixed IP, and is behind the ISP's NAT with a 10.0.0.0/16 address range.
I am trying UTM and I found very interesting but without OpenVpn/L2TP client support I don't be able to use for my needs.
Please add them, thanks
Please strongly consider adding this feature. Thank you.
I think L2TP and OpenVPN client should both be supported. It's a simpler implementation than setting up ipsec tunnels everywhere. It's a VPN/firewall appliance: i would expect it's at least capable of this.
Is this feature still not supported? WOW. I love sophoso, have enjoyed it for last 6+ months but this is really disappointing. Someone out there must know how to implement this and allow the utm to act like vpn client, $50 wifi router can, why can't sophos?
Brendan Taylor commented
UTM was looking great and I have enjoyed it a lot, however this just ruins that for me..
Oh well, back to Mikrotik until this is supported.
Still need Sophos UTM to act as an OpenVPN or L2TP client.
Really need that!
Really need this! Just chose Sophos vs my long time Sonicwall and I really need this feature. I need the ability to connect to a VPN server as a CLIENT to route certain traffic. CANNOT believe Sophos does not have this when everyone else DOES.
This item should be combined with "SSL VPN: Convert .ovpn to .apc/.epc for Site-to-Site SSL Tunnels", because they have the same objective. Combined, they would be the 5th highest requested item.
this is not available as using that interface option requires a physical port which is senseless.
I'd also like to see this implemented as sometimes having to mass implement pptp connections on the endstations is annoying and leaves me with no control over the traffic passed
Joshua B. commented
Don't forget OpenVPN too!
This feature entirely can be great for using an out-of-country VPN for your entire network. Especially for countries that block sites such as YouTube, without having to setup a VPN on each computer (unfortunately bypassing the UTM completely)
If implemented, I would like this to include an option to disable outgoing traffic if the VPN goes down, as well as an email notification.
Additionally the PPPoA client dosen't support any configuration and is currently set to not require-mppe-128, and there is no way to enable this in the gui.
Bob, this is right, except that the PPTP client need to be bounded to an interface. So it you want 5 different PPTP connection established you need to dedicate as many NIC.
If Adding a VPN client was implemented the way I suggest it, you could create "virutal PPTP interface" without a network card attached, and be able to use it with the firewall etc.
Bob Alfson commented
This already is available for PPTP. In 'Interfaces', select DSL (PPPoA/PPTP). Then make some Firewall rules, and you're done!
OpenVPN would certainly be a nice to have.
PPTP support would also be a must.