Sophos Connect 2.2 is now GA

6 Jul 2022

Hello Everyone,

I'm pleased to announce Sophos Connect 2.2 has been released. this is primarily a security and quality update that addresses a number of issues in the libraries used by Sophos Connect, and addresses a number of issues in the client. The client is available for download, and has been distributed to SFOS firewalls via pattern updates.

Security Updates

NCL-1635 - Security fix for CVE-2022-0778
NCL-1585 - Security fix for CVE-2021-27406 in OpenVPN binary
NCL-1490 - Security fix for CVE-2021-3606 in OpenVPN
NCL-1667 - Security hygiene cleanup for CVE-2020-1967

Issues Resolved

NCL-1622 - Fix GCM Cipher parsing error
NCL-1399 - Fix rare issue with random SSL authentication failure
NCL-1616 - Fix connection issues with special characters in password
NCL-1372 - Fix connection issues with special characters in password
NCL-1319 - Fix provisioning issues with special characters in password
NCL-1256 - Fix provisioning issues with special characters in password
NCL-1261 - Fix SSL authentication with multiple spaces in username
NCL-569 - Fix provisioning issues with special characters in username

Download Links

The latest client can be downloaded from here: https://www.sophos.com/en-us/support/downloads/utm-downloads

Related Links

Deploying Sophos Connect via script or GPO: https://support.sophos.com/support/s/article/KB-000040793?language=en_US
Documentation on how to use provisioning: https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/VPN/RemoteAccessVPN/VPNSConProvisioningFile/index.html

RedVision81 over 1 year ago

will logon scripts run now automatically upon connection?
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
AJ Bevilacqua over 1 year ago

We had an issue with telework users not getting regular GP Updates with the old client. To fix this I created a batch file that would auto run the gpupdate on startup of the VPN, but cannot seem to find any documentation on how to do this with the new client. Can someone point me to documentation that explains how to run the update automatically when users connect to the vpn?
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
Antonio Nuñez Abolafio over 1 year ago in reply to Jaroslav Faldik

I have the same problem....SSL VPN with authentication error.

Same profile with OpenVPN, works totally fine.......

I had to roolback the Sophos Connect version as. I have more than 20 VPN profiles and I can't be in this situation.....

Greetings from Spain ;)
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
Jaroslav Faldik over 1 year ago

I foud a bug in version 2.2.75.0506. Sophos Connect does not end VPN SSL connections to XG firewall (SFOS 19.0.1 MR-1-Build365). SSL VPN session is completed on XG only after about 5 min for some timeout. Native OpenVPN client (2.5.7) works fine.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
David Webb over 1 year ago in reply to TheMonzel

It's really annoying that the installer doesn't update existing versions, that seems like quite an oversight to me. We don't have anything like SCCM so have just finished manually installing 2.1 on 100 laptops. Now we need to start again (a real challenge with everyone working remotely and not having admin credentials).

Maybe I could write a script to uninstall the old version first, then install the new one...

A number of users have issues with connectivity using 2.1; they authenticate fine, and can ping their VPN IP, but various applications just don't work until they disconnect and reconnect a few times. Hopefully 2.2 will fix that.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel