I am in the process of setting up an XG 135 with remote IPsec VPN access and it is working apart from the DNS suffix.
I have configured the "DNS server 1" to our local DNS server in the "IPsec (remote access)" tab within Configure/VPN. I have also configured "Assign client DNS suffix".
When I connect to the VPN using Sophos Connect, I can see that a new "Ethernet 2" adapter of type "Sophos TAP Adapter" is created. If I look at the TCP/IP properties for this adapter I can see that the DNS server has been populated with the one that I configured in "DNS server 1". However, the DNS suffix is not populated anywhere.
The result of this is that I can ping hosts using their IP address or fully qualified host name. I cannot ping using just the host name until I manually configure the DNS suffix.
I have also been testing the equivalent scenario with SSL VPN and I get the desired behaviour with it. Ideally both kinds of VPN would behave the in the same way as it would make the setup simpler to explain to users.
The XG 135 has SFOS 18.0.4 MR-4 and I am using Sophos Connect v2.0.34.0910.
It seems like a software issue to me in Sophos Connect but maybe I am missing something. Unfortunately I have had very painful experiences with Sophos Support over the past few weeks where they remain largely unresponsive and wait a week between emails. I don't know if they monitor these forums but I don't imagine I'm the only one to have experienced this.
This thread was automatically locked due to age.