Install Sophos Connect Client on macOS

In this guide, we’ll show you how to download the Sophos Connect client from your Sophos XG Firewall and install and set it up on a Mac.

Sophos Connect Client - Series

This article is part of a series that will give you everything you need to get started with the Sophos Connect client.

• Comparison: Sophos Connect Client or SSL VPN Client?
• Configure Sophos Connect Client on XG Firewall (SFOS)
• Install Sophos Connect Client on Windows
• Install Sophos Connect Client on macOS

Requirements

• Firmware SFOS 17.5 or later
• macOS client operating system: macOS 12.12 or later

1. Download Sophos Connect Client

Before you can start the installation, you first need to download the Sophos Connect Client for macOS. The Sophos Connect software is available through the VPN portal in the WebAdmin interface (Download Client) or on the Sophos Download Page. The config file is only available through the WebAdmin portal:

1. On the Sophos Firewall, navigate to Remote Access VPN > IPSec > Export Connection.

A zip file named sophosconnect_installer.zip will then be saved on your Mac. If you unzip this zip file, you will find three files in it:

• scadmin.msi - Sophos Connect Admin Tool
• Sophos Connect.pkg - Sophos Connect Client for macOS
• SophosConnect.msi - Sophos Connect Client for Windows

For this tutorial we need the Sophos Connect.pkg package at this point.

2. Install the Sophos Connect client

Start the installation of the Sophos Connect client by double-clicking the Sophos Connect.pkg file. When the installation is finished, you can exit the installation wizard by clicking Close.

3. Download connection file

When you start the Sophos Connect client for the first time, it asks you to import a connection file. This file can currently only be downloaded by an administrator through the XG Firewall. To do this, perform the following steps:

1. On the XG Firewall, navigate to VPN > Sophos Connect Client.
2. Click the Export connection button at the bottom of the browser window to download the connection file for the IPsec connection.
3. You should now find a *.tgb file in your downloads folder.

4. Set up the Sophos Connect client

Setting up the Sophos Connect client takes just a few steps:

1. Open Sophos Connect Client and click Import Connection.
2. Select the connection file with the *.tgb extension from your disk. The connection is then listed under Connections.
3. Now click Connect to establish the IPsec connection.
4. In the next step, log in with your VPN user.

If you entered the correct credentials, the VPN connection should now be established successfully. Remember to click Disconnect again in the Sophos Connect client as soon as you no longer need the VPN connection.

IPsec connection with macOS on-board means

With macOS, it is also possible to establish an IPsec connection without the Sophos Connect Client. All you need is your own account for the XG Firewall user portal to download the IPsec configuration.

1. Log in to the User Portal of your XG Firewall with your account.
2. Under Configuration for IPsec VPN client for Apple iOS, click Install.
3. Once the profile has been downloaded, you can open it with a double-click.
4. You will then be asked whether you really want to install the Sophos profile. Confirm this step with Continue.
5. Your IPsec connection is now created automatically in the settings under Network. You only need to click Connect.