Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Deployment Issues

I'm trying to deploy Sophos Connect via GPO to a group of laptops and have encountered a couple of issues.

 

Firstly, I've been unable to get the connection file I've created to copy by GPP to the import folder.

I've created the GPO with a file preference item to copy from \\server\connection.scx to c:\Program Files (x86)\Sophos\Connect\import - this fails with an Access Denied error in Windows Event Log. However, it's not source permissions, rather access to Program Files that seems to be the issue, as I can modify that GPO to point to a different local folder C:\LocalDeploy\connection.scx without any issues. In the interim I've got round this with a startup script which copies the file from C:\LocalDeploy to the import folder. It would be nice to have it working from GPP as documented however - the OS is Windows 10 1909.

 

Secondly, after getting the deployment working above, I tested disconnecting from the corporate network, connecting to my mobile AP, then restarting the laptop. After restarting, off the corporate network, I log in, open Sophos Connect and get 'No connections yet. Import a connection' - where has my connection gone?

 

Many thanks,

Richard Allan



This thread was automatically locked due to age.
  • Hi Richard,

    I can't help much on the Sophos Connect side but is the GPO set as a start-up script or a log-on script?  A start-up script runs as local system and shouldn't have permission issues to the Program Files location while a log-on script would use the account of the user logging in.

  • Hello Richard,

     

    The connections are saved per user. So if the two users were different before and after the login then the you will not see the connection that were added for the user before the login.

     

    Regards,
    Ramesh

  • Hi Ramesh,

    It's the same user account that is logging in, the connection is not being saved between logins.

    We've worked around it with a mess of scripts, but it's not ideal and can't seem to find any reason for it.

    --Richard

  • Hello Richard,

    In the scvpn.log file it will show you the logged in username so if you perform this same operation there will be two logs files. 1) scvpn.log.old will contain the logs before the restart. 2) scvpn.log will contain the logs after the restart.

     

    The two log files will show you the logged in user before and after the restart. Please verify that and let us know. I am not able to reproduce the bug. If the user identified in the two log files are the same then we need to investigate this further.

     

    Ramesh