{"id":20225,"date":"2024-08-26T15:55:31","date_gmt":"2024-08-26T08:55:31","guid":{"rendered":"https:\/\/thegioifirewall.com\/?p=20225"},"modified":"2025-03-24T07:27:22","modified_gmt":"2025-03-24T07:27:22","slug":"huong-dan-cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos","status":"publish","type":"post","link":"https:\/\/vacif.com\/en\/huong-dan-cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos\/","title":{"rendered":"H\u01af\u1edaNG D\u1eaaN C\u00c0I \u0110\u1eb6T SSL VPN CLIENT TR\u00caN UBUNTU \u2013 FIREWALL SOPHOS"},"content":{"rendered":"\n<ol class=\"wp-block-list\">\n<li><strong>&nbsp;M\u1ee5c \u0111\u00edch b\u00e0i bi\u1ebft.<\/strong><\/li>\n<\/ol>\n\n\n\n<p>V\u1edbi SSL VPN Remote Access, b\u1ea1n c\u00f3 th\u1ec3 cung c\u1ea5p quy\u1ec1n truy c\u1eadp v\u00e0o t\u00e0i nguy\u00ean m\u1ea1ng c\u1ee7a t\u1eebng m\u00e1y ch\u1ee7 qua internet b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng c\u00e1c \u0111\u01b0\u1eddng h\u1ea7m \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a point-to-point. Ch\u00ednh s\u00e1ch truy c\u1eadp t\u1eeb xa s\u1eed d\u1ee5ng OpenVPN, m\u1ed9t gi\u1ea3i ph\u00e1p SSL VPN \u0111\u1ea7y \u0111\u1ee7 t\u00ednh n\u0103ng.&nbsp;<\/p>\n\n\n\n<p>B\u00e0i vi\u1ebft n\u00e0y s\u1ebd h\u01b0\u1edbng d\u1eabn b\u1ea1n c\u00e1ch c\u00e0i \u0111\u1eb7t SSL VPN client tr\u00ean Ubuntu, k\u1ebft n\u1ed1i VPN b\u1eb1ng \u1ee9ng d\u1ee5ng OpenVPN.<\/p>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>H\u01b0\u1edbng d\u1eabn c\u1ea5u h\u00ecnh.<\/strong>\n<ol class=\"wp-block-list\">\n<li><strong>C\u1ea5u h\u00ecnh SSL VPN (Remote Access).<\/strong><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<p>B\u1ea1n c\u00f3 th\u1ec3 tham kh\u1ea3o c\u00e1c b\u01b0\u1edbc c\u1ea5u h\u00ecnh SSL VPN qua link sau: <a href=\"https:\/\/thegioifirewall.com\/sophos-xg-huong-dan-cau-hinh-ssl-vpn-client-to-site\">https:\/\/thegioifirewall.com\/sophos-xg-huong-dan-cau-hinh-ssl-vpn-client-to-site<\/a><\/p>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>T\u1ea3i xu\u1ed1ng t\u1ec7p c\u1ea5u h\u00ecnh SSL VPN.<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Tr\u00ean Ubuntu Destop, \u0111\u0103ng nh\u1eadp v\u00e0o VPN portal b\u1eb1ng username \u0111\u00e3 t\u1ea1o \u1edf b\u01b0\u1edbc 1. S\u1eed d\u1ee5ng IP WAN Sophos : Port 443 (443 l\u00e0 port m\u1eb7c \u0111\u1ecbnh c\u1ee7a Sophos Firewall, ng\u01b0\u1eddi qu\u1ea3n tr\u1ecb c\u00f3 th\u1ec3 \u0111\u1ed5i).<\/p>\n\n\n\n<p>Ch\u1ecdn Download for Windows, MacOS, Linux.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-0.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Sau khi t\u1ea3i xu\u1ed1ng b\u1ea1n s\u1ebd c\u00f3 file _ssl_vpn_config.ovpn<\/p>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>C\u00e0i \u0111\u1eb7t OPENVPN<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Tr\u01b0\u1edbc khi \u0111i v\u00e0o c\u00e0i \u0111\u1eb7t ch\u00fang ta s\u1ebd c\u1eadp nh\u1eadt c\u00e1c g\u00f3i h\u1ec7 th\u1ed1ng l\u00ean b\u1ea3n m\u1edbi b\u1eb1ng l\u1ec7nh:<\/p>\n\n\n\n<p><strong>sudo apt update<\/strong><\/p>\n\n\n\n<p><strong>sudo apt upgrade<\/strong><\/p>\n\n\n\n<p>Th\u1ef1c hi\u1ec7n c\u00e0i \u0111\u1eb7t OpenVPN b\u1eb1ng 2 l\u1ec7nh sau:<\/p>\n\n\n\n<p><strong>sudo apt install tzdata<\/strong><\/p>\n\n\n\n<p><strong>sudo dpkg-reconfigure tzdata<\/strong><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-1.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>T\u1ea1i m\u1ee5c Geographic area: Ch\u1ecdn Asia<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Sau \u0111\u00f3 ch\u1ecdn OK.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-2.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>T\u1ea1i m\u1ee5c Time zone: Ch\u1ecdn Ho Chi Minh City.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Sau \u0111\u00f3 ch\u1ecdn OK.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-3.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<ol start=\"4\" class=\"wp-block-list\">\n<li>\n<ol start=\"4\" class=\"wp-block-list\">\n<li><strong>C\u00e0i \u0111\u1eb7t, k\u1ebft n\u1ed1i SSL VPN Client.<\/strong><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>L\u01b0u \u00fd: N\u1ebfu b\u1ea1n l\u00e0 ng\u01b0\u1eddi d\u00f9ng b\u00ecnh th\u01b0\u1eddng th\u00ec c\u1ea7n chuy\u1ec3n sang <strong>user root<\/strong> \u0111\u1ec3 c\u00f3 to\u00e0n quy\u1ec1n c\u00e0i \u0111\u1eb7t b\u1eb1ng l\u1ec7nh &#8220;sudo su&#8221; v\u00e0 nh\u1eadp m\u1eadt kh\u1ea9u cho user b\u00ecnh th\u01b0\u1eddng.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-4.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Di chuy\u1ec3n \u0111\u1ebfn \u0111\u1ebfn th\u01b0 m\u1ee5c Downloads ho\u1eb7c th\u01b0 m\u1ee5c l\u01b0u t\u1ec7p c\u1ea5u h\u00ecnh ssl_vpn m\u00e0 b\u1ea1n v\u1eeba t\u1ea3i xu\u1ed1ng.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Example: <strong>cd \/home\/phongntt\/Downloads\/ls<\/strong><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>B\u1ea1n s\u1ebd th\u1ea5y t\u1ec7p <strong>sslvpn-phong2-client-config.ovpn<\/strong><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-5.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Th\u1ef1c hi\u1ec7n k\u1ebft n\u1ed1i SSL VPN b\u1eb1ng d\u00f2ng l\u1ec7nh sau:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>openvpn \u2013config sslvpn-phong2-client-config.ovpn<\/strong><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-6.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Nh\u1eadp Username v\u00e0 Passwword \u0111\u00e3 t\u1ea1o \u1edf b\u01b0\u1edbc 1 (c\u1ea5u h\u00ecnh SSL VPN)<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-7.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Khi nh\u1eadt k\u00fd hi\u1ec3n th\u1ecb th\u00f4ng b\u00e1o <strong>Initialization Sequence Completed<\/strong>, k\u1ebft n\u1ed1i SSL VPN th\u00e0nh c\u00f4ng.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Khi k\u1ebft n\u1ed1i b\u1ea1n n\u00ean \u0111\u1ec3 m\u00e0n h\u00ecnh Terminal n\u00e0y ho\u1ea1t \u0111\u1ed9ng v\u00e0 m\u1edf tab Terminal kh\u00e1c \u0111\u1ec3 s\u1eed d\u1ee5ng.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-8.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Ki\u1ec3m tra tr\u00ean Ubuntu c\u00f3 th\u00eam 1 ip <strong>Tun0<\/strong> \u0111\u01b0\u1ee3c g\u00e1n trong d\u00e3y IP SSL \u0111\u00e3 c\u1ea5u h\u00ecnh \u1edf b\u01b0\u1edbc 1.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-9.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Ki\u1ec3m tra t\u01b0\u1eddng l\u1eeda Sophos. \u0110i\u1ec1u h\u01b0\u1edbng t\u1edbi <strong>Current Activities &gt; Live User<\/strong>.&nbsp;<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Ng\u01b0\u1eddi d\u00f9ng hi\u1ec7n \u0111ang k\u1ebft n\u1ed1i l\u00e0 <strong>Phong2<\/strong>.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-10.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>\u0110\u1ec3 tho\u00e1t k\u1ebft n\u1ed1i SSL VPN. Tr\u00ean tab Terminal \u0111ang k\u1ebft n\u1ed1i kernel <strong>Ctrl + C<\/strong>.&nbsp;<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Qu\u00e1 tr\u00ecnh tho\u00e1t log cho th\u1ea5y k\u1ebft n\u1ed1i \u0111\u00e3 \u0111\u01b0\u1ee3c ng\u1eaft k\u1ebft n\u1ed1i th\u00e0nh c\u00f4ng.&nbsp;<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>N\u1ebfu b\u1ea1n mu\u1ed1n k\u1ebft n\u1ed1i l\u1ea1i, h\u00e3y s\u1eed d\u1ee5ng l\u1ec7nh <strong>openvpn \u2013config sslvpn-phong2-client-config.ovpn<\/strong><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cai-dat-ssl-vpn-client-tren-ubuntu-firewall-sophos-11.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>V\u1edbi SSL VPN Remote Access, b\u1ea1n c\u00f3 th\u1ec3 cung c\u1ea5p quy\u1ec1n truy c\u1eadp v\u00e0o t\u00e0i nguy\u00ean m\u1ea1ng c\u1ee7a t\u1eebng m\u00e1y ch\u1ee7 qua internet b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng c\u00e1c \u0111\u01b0\u1eddng h\u1ea7m \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a point-to-point. Ch\u00ednh s\u00e1ch truy c\u1eadp t\u1eeb xa s\u1eed d\u1ee5ng OpenVPN, m\u1ed9t gi\u1ea3i ph\u00e1p SSL VPN \u0111\u1ea7y \u0111\u1ee7 t\u00ednh n\u0103ng.&nbsp; B\u00e0i vi\u1ebft n\u00e0y [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":20236,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[80],"tags":[110,193,335,486],"class_list":["post-20225","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-huong-dan-tai-lieu","tag-firewall","tag-sophos","tag-ssl-vpn","tag-ubuntu","entry","has-media"],"_links":{"self":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/comments?post=20225"}],"version-history":[{"count":1,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20225\/revisions"}],"predecessor-version":[{"id":20304,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20225\/revisions\/20304"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media\/20236"}],"wp:attachment":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media?parent=20225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/categories?post=20225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/tags?post=20225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}