Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
We'd love to hear about it! Click here to go to the product suggestion community
I've done the following on iOS 12 against SFOS 17.5.10 MR-10 with expected success:
Unfortunately, on iOS 13 - things grind to a halt.
When you attempt to download the cert, it will not open with the agent. Consequently, the agent will only ever report "Could not evaluate trust".
Is there a fix?
Hi Alexandre Lemaire
This issue is also related to Apple’s new certificate requirement only. (https://support.apple.com/en-in/HT210176)
All TLS server certificates must comply with these new security requirements in iOS 13As of now, NC-54689 raised with the Development team to take the requirement furthers with the upcoming SF OS release. As of now fix version not marked yet as progress or work ongoing.Till the time you may use a workaround like Captive portal or IP, MAC-based rule, etc which is suitable based on your infrastructure or setup.
In reply to Keyur:
Thank you for the detailed answer. It's unfortunate that the fix is not yet underway, is there a way to vote for features so that they can garner traction?
In reply to Alexandre Lemaire:
Hi Alexandre Lemaire The development team is working on the issue with the highest priority and when it is available, we will inform you as well as publish the information on our public forums.