Sophos Connect Client Update

This is a security and maintenance update for Sophos Connect for Windows.

IMPORTANT: Customers using Sophos Connect with SG UTM should not apply this update, and should remain on version 2.2. We are working to provide a further update that will work with SG UTM in the near future.

Issues Resolved

  • NCL-1805 Added provisioning file support for new keys - user_portal_port and vpn_portal_port
  • NCL-1802 Updated OpenVPN version to 2.6.10
  • NCL-1756 Updated OpenSSL version to 1.1.1w
  • NCL-1834 Addressed CVEs: CVE-2024-27459, CVE-2024-24974, CVE-2024-27903, CVE-2024-1305
  • NCL-1797 Resolved cases where Logon script may not run when configured in provisioning file
  • NCL-1780 Resolved condition where Client window may display in the wrong location on the screen
  • NCL-1763 Resolved cases where passwords containing two consecutive double-quotes will fail 
  • NCL-1721 Resolved cases where username containing a space and special characters will fail to connect
  • NCL-1707 Resolved condition where connections may not correctly display the client connection if the connection is renamed
  • NCL-1686 Improved provisioning import allowing it to replace existing connection to the same gateway if previous connection was renamed.
  • NCL-1620 Resolved case where display_name key in provisioning file is ignored
  • NCL-1383 Resolved behavior where client DNS value is appended rather than replacing previous value 

Download Links

  • Public download site - may take time after this article publishes to be available
  • Or from your firewall WebAdmin UI under Remote Access > Download Client

Related Links

  • I've been testing this over the past week or so and compared to v2.2.90.1104 I seem to be experiencing more IPsec disconnects. Also, a couple of times our internal DNS hasn't been working and was resolved by reconnecting the VPN (I never experienced this with the old version).

    I have the old version running on another laptop and it has not disconnected when the new version on my main laptop has.

  • I've been testing this over the past week or so and compared to v2.2.90.1104 I seem to be experiencing more IPsec disconnects. Also, a couple of times our internal DNS hasn't been working and was resolved by reconnecting the VPN (I never experienced this with the old version).

    I have the old version running on another laptop and it has not disconnected when the new version on my main laptop has.

  • I encountered the DNS issue again today and investigated further. I found that "ipconfig /all" did not list a "DNS Servers" entry. I disconnected and reconnected and the DNS entry was populated. This is definitely a v2.3 issue. I have opened a ticket and I wonder if the fix for "NCL-1383 Resolved behavior where client DNS value is appended rather than replacing previous value" has introduced this issue.