Sophos Connect client is a VPN software that runs on Microsoft Windows 7 with "Convenience rollup" (Service Pack 2) update and later, and Mac OS 10.12 and later. It establishes highly secure, encrypted VPN tunnels for off-site employees. This article provides information regarding Sophos Connect and how it is configured. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Note: This is an optional procedure if you need to modify the default configuration file. If not, proceed to the Sophos Connect Client installation and configuration.
Note: There is an option to configure a static IP assignment for the remote users connecting via the Sophos Connect Client. Go to Authentication > Users and select a user. Under the SSL VPN policy > Sophos Connect client section, click Enable and then configure a static IP address for the user. Click Save.
Each install of Sophos Connect Client will generate a unique GUID on clean install. The GUID is saved in a file called scvpn.uid and this file exists in the install folder. This GUID will carry over on upgrade. If it is required to create a Ghost image that includes the Sophos Connect Client, then perform the following steps after the client is installed. These steps can also be included in a script.
Net stop scvpn
Del c:\programfile (x86)\sophos\connect\scvpn.guid
sudo rm /Library/Sophos Connect/scvpn.uid
Issue: Whenever a Sophos Connect user logs out, RDP in other Sophos Connect user would experience re-connect.
Cause: It is caused by the default setting of set vpn conn-remove-tunnel-up enable. Note: Sophos Connect client works on IPsec VPN.
set vpn conn-remove-tunnel-up enable.
What to do:
To make UDP application stable in Sophos Connect client:
set vpn conn-remove-tunnel-up disable
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.