I'm pleased to announce the release of Sophos Connect 2.1! This is primarily a security and maintenance update, but contains one significant enhancement for IPsec VPN provisioning. With this release, provisioning files will also allow import of IPsec policies.
Remote Access IPsec Policy provisioningWhen provisioning users, the client and provisioning file may be pushed to users via standard automation procedures. When the client first attempts to conenct, the user will be prompted to authenticate, and the client will first connect to the firewall over HTTPS, and download the available VPN policy for SSL and IPsec connections for that user. If the user attempting to connect does not exist yet on the firewall, but are part of an AD user group with permission to connect over IPsec or SSL VPN, then the user will automatically be created at this point, and granted VPN permissions. This enhancement removes the need to pre-create AD users on XG, just to allow them to connect remotely via IPsec.
I have Sophos Connect 2.1.20 and it won't install on a brand new PC running Windows 10 20H2. It keeps telling me I need IE 11 or greater.
https://community.sophos.com/sophos-xg-firewall/f/discussions/126861/unhappy-with-lack-of-high-dpi-support-in-sophos-connect Maybe a workaround for the 4K Resolution.
Workaround can be found here: ideas.sophos.com/.../42110932-sophos-connect-client-scaling
Currently if DDNS is configured on XG for WAN link used in IPsec Remote access, .scx/.tgb file uses "FQDN" value from DDNS config instead of IP address for "gateway".
Foloowing problem we have:
1. IPSec Profile is wrong, because our public IP is not the public IP of the Sophos XG
2. We have both, SSL and IPSec setup. but users without IPSec are getting the Profile too.