Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Sophos Connect client is a VPN software that runs on Microsoft Windows 7 with "Convenience rollup" (Service Pack 2) update and later, and Mac OS 10.12 and later. It establishes highly secure, encrypted VPN tunnels for off-site employees. This article provides information regarding Sophos Connect and how it is configured. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
In order for the Sophos Connect clients to access the configured LAN networks, a firewall rule must be configured.
Note: This is an optional procedure if you need to modify the default configuration file. If not, proceed to the Sophos Connect Client installation and configuration.
Note: There is an option to configure a static IP assignment for the remote users connecting via the Sophos Connect Client. Go to Authentication > Users and select a user. Under the SSL VPN policy > Sophos Connect client section, click Enable and then configure a static IP address for the user. Click Save.
Each install of Sophos Connect Client will generate a unique GUID on clean install. The GUID is saved in a file called scvpn.uid and this file exists in the install folder. This GUID will carry over on upgrade. If it is required to create a Ghost image that includes the Sophos Connect Client, then perform the following steps after the client is installed. These steps can also be included in a script.
Net stop scvpn
Del c:\programfile (x86)\sophos\connect\scvpn.guid
sudo rm /Library/Sophos Connect/scvpn.uid
Issue: Whenever a Sophos Connect user logs out, RDP in other Sophos Connect user would experience re-connect.
Cause: It is caused by the default setting of set vpn conn-remove-tunnel-up enable. Note: Sophos Connect client works on IPsec VPN.
set vpn conn-remove-tunnel-up enable.
What to do:
To make UDP application stable in Sophos Connect client:
set vpn conn-remove-tunnel-up disable
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.