PLEASE READ Advisory: Kernel memory issue affecting multiple OS (aka F**CKWIT, KAISER, KPTI, Meltdown & Spectre) for the latest updates.
We'd love to hear about it! Click here to go to the product suggestion community
I have an internal website that my external workers have been accessing via the portal (VPN > Clientless Access). As of yesterday my remote workers can't access pages correctly. I've restarted Sophos XG and the Server. I've noticed in the Log Viewer the following...
Log Comp: SSL VPN
Username: My Username
Message: Use "My Username" was allowed access of the HTTP resource http://images/logo.jpg
Is this correct? Does the IP address of the internal server need to be prefixed? Eg. http://10.12.44.10/images/logo.jpg
The portal website sometimes displays the page poorly or not at all and I can see the following source code...
The URL for this blank white page is = https://myexternalip/userportal/CRSSL/http/ClientLogin.aspx
The source code for that page is...
"<!--#set var="TITLE" value="SSLVPN User Portal Error:"
--><!--#include virtual="include/top.html" -->
<!--#if expr="$REDIRECT_ERROR_NOTES" --> <!--#include virtual="include/spacer.html" --> <!--#echo encoding="none" var="REDIRECT_ERROR_NOTES" --> <!--#endif -->"
Please can you help or throw any suggestions my way? Many thanks
EDIT: The first page kind of works. There's no neat formatting or styling. However I can see text. The URL displays the following...
When I click any link, a white page appears and the URL changes to https://externalip/userportal/CRSSL/pagename.aspx
It's not prefixing the URL and therefore nothing is displaying correctly. Please can others check this to see if it's just me :)
In reply to lferrara:
I have the case #7060376 opened too on 2017/3/1.
In reply to ShunzeLee:
I have the case #6562394 opened on 28 sept 20216........ starting to lose faith
These are my known issues still open:
Please share yours
It would be helpful to be able to see all the known issues...
In reply to MassimoForni:
you can find know issues here:
WoW! Thank you!
Also my support told me there are 2 more issues under review which have not yet been published.
I spent sometime yesterday speaking to several people at Sophos. At the end of the call I find out that Sophos does not an answer to the issues with both:
HTML5 and Clientless VPN
So now we get to tell our client, OOPS, sorry the manufacturer offers some features that can not be utilized. As a company that is new to Sophos we are greatly concerned committing to their product line. Not to mention their support took a little to long for our comfort to response and reach out to a critical issue.
Not sure if this is a bad sign for their management, Dev team, or both.
The workaround to this issue is to use a full tunnel configuration with SSL VPN instead of clientless VPN access.
In reply to sachingurung:
Hello, this is not entirely true, you have a bug in css and js valuation even if is not dynamically generated.
This work around is not ideal for clients that need to browse different websites and use apps connecting to local resources. That was the reason to create the Clientless VPN option.
Dedicate more resources Sophos!!!!
I have this problem, is different from other reported issues. The configuration is the same as PhilHalford1 .Two error on two different targetThese errors are bugs?Regards
I want to update about the issues related to Clientless VPN access, there are two reported NC-ID associated to this issue.
I just checked out the known issues list. Its unfortunate that little-to-no energy is being spent on this. its a feature I was excited to use, it fills in a nice feature gap for our business.
unfortunately, I have tried 3 different web-based bookmarks and one is rdp. None of them work.
I don't have time to sort out if they are rewriting urls, etc...I just know that they don't work. one of them is simply a link to google for testing purposes. it loads everything except the google logo.
but trying to use these to access internal resources such as our intranet, web interfaces for networking equipment, or web interface for an internally-hosted app all fail miserably.
I have opened a case, but haven't heard from anyone yet to start working on it.
I've been away for a while, I've come back to see other people experiencing the same issue.
There are suggestions stating that this now works? I'll give it ago. I have another company buying the product and they sure could do with bookmarks working.