Sophos AP/APX users may experience issues registering to Sophos Central. More info available here: Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
Hello,
im wondering why scvpn.exe trying to contact some IP Adresses which are belonging to Facebook / Twitter etc.
Seems its checking Internet Connection by contacting them. But first : some Companies have restricted access to FB/Twitter, means our users cant use VPN Client in those cases.
Because Sophos Connect says "No internet Connectivity"
and second : WHY?
Could you Guys please fix it?
I do not have such Session open on my Sophos Connect Client.
Do you have any modifications on the TGB / SCX File?
Do you use auto connect?
In reply to LuCar Toni:
Hi Toni,
i modified the TGB File First then saved it to SCX.
Thats my config.
In reply to vitali wagner:
If you disable Auto-Connect, is there still a HTTP Connection to this host?
Checked another system, still no connection to such a host like in your screenshots.
Can you check the netstat -b output on the client?
tried without autoconnect now.
netstat shows the same
Hello Vitali,
Currently as part of pre-connectivity check the Sophos Connect Client will try to connect to google.com to check for internet connectivity when a connection is enabled. We will look into it and come up with a better way to implement the check for internet connectivity.
Ramesh
In reply to rmk_2018:
Hi Ramesh,
thank you for the confirmation. How about to take this function completely out of code? its kind of wierd and useless in my eyes.
to say more : i dont want my VPN Client to connect to google, facebook and co.
Please if you have a new Beta version (without pre-connectivity check) of the Sophos Connect Client please let me know. We really need a solution quick.
You can disable the pre-connectivity checks using the CLI. You need to run this command and disable it. Also it has to be done per connection. Here is the command you run from the install folder. On Windows cd to this folder, c:\program files (x86)\Sophos\connect and on Mac cd to this folder, /Library/Sophos Connect/
Suppose your connect name is: MyCompanyVPN
Run this command. sccli update -n MyCompanyVPN -l
That will permanently disable the pre-connectivity checks. Hope that will help.
PS: On Mac you will have to run the command with sudo. You can run it as follows. sudo sccli -n MyCompanyVPN -l
Hello Ramesh,
thank you very much for the workaround. Its worked for me now.
Another question: is there a possibility to run a login script after connection is established?
maybe a cli command too? :)
Sorry not with this release. We will add the feature request for future.
You will need to have the scripts as a batch file on the client machine and teach the operator to run them.
Or move to another IPSec VPN client which has MS-Gina support
In reply to GavinDaniels:
I hope there will be a possibility in the upcomming version for that.
Teach CEO to run some batch script is not the state of the art way. Its 2019 now. We are able to land on Mars actually.
Look at the green bow VPN client
Ticks all the boxes except that its not free
When i look at SonicWall VPN Client i dont even need to copy batch file to client. Its executes login automatilcy after connect.
Will add your request for future roadmap. Thank you for the feedback.
Sophos Connect 1.3 is released and it is now available via your firewall via pattern update. You can go to System->Backup & Firmware->Pattern Updates and click Pattern update now to downloaded in case it is not there already.
Please do let us know how this new version works for you after a week of usage. Looking for feedback from customers for this new release.
Thank you,