This article provides basic steps to connect the Sophos UTM to a Sophos SMC Server
Applies to the following Sophos product(s) and version(s)
Sophos UTM Software Appliance v9.202
Sophos Mobile Control 4.0
What To Do
To successfully connect the UTM to SMC proceed as follows:
- Log on to the SMC Web-Console as Super Administrator
- Goto "Settings" | "System Setup" | "Network Access Control"
- Select "Sophos UTM" from the drop down box and click "Save"
- Log on to the SMC Web-Console as Administrator of your Tenant
- Goto "Administrators"
- Create a new Administrator used for the connection
In case you use a Self Signed Certificate on your local SMC Server do one of the following:
- Log on to your SMC Server (Windows)
- Navigate to %mdm_home%\tools\Wizard\certs
- Copy the file "ca_cert.crt" to a shared location
- Browse your SMC Server via https (Detailed steps may vary depending on the used browser)
- Display the Certificate used
- Open the Root Certificate
- Copy this Certificate to a shared location
These steps only need to be done once as a super administrator and not for every tenant.
- Log on to your UTM Web-WebAdmin
- In case you use a Self Signed Certificate on your local SMC Server:
- Goto "Webserver Protection" | "Certificate Management"| "Certificate Authority"
- Click "Import CA"
- Enter a Name and upload the Certificate stored in a step above
- Goto: "Management" | "Sophos Mobile Control" | "General"
- Enable this feature
- Enter the Servername, Tenant, Username and Password
- Please note: Do not use the IP if you are running UTM version 9.203. You'll need to use the DNS name of the SMC Server instead.
- Select the uploaded CA Certificate if needed
- Click "Apply"
You can now test the connection by pressing the "Test SMC settings" Button.
Note: in order for the UTM to block access for a non-compliant device, the 'Deny network access' boxes must be checked in the SMC configuration, under Compliance Rules.