Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SPX Portal Not Working

Trying to get SPX email encryption working. Sophos XG Home v 18.0.4-MR4

The email protection is set up as MTA mode.  Normal email routing and deliver is working fine.

I've created the SPX template and when I try to send an email with the SPX header set to yes, the firewall holds the emails in quarantine as it should since the user has not created a password yet,, and sends the SPX registration email, which is received by the end user The link in the email is correct. The link properly resolves to the firewall's WAN interface IP.

However, clicking on the link results in a 'This Site cannot be reached' page.  Reason:  Connection Refused.

When I do a packet capture on the firewall, I see the request coming in on the correct port, and the status for the packed is 'Consumed'. 

Nothing is logged on the firewall report indicating anything is dropping or rejecting the request.

I'm stumped here.  Tried rebooting the firewall, recreating the SPX template, re-configuring the encryption settings.  

Any help would be appreciated.



This thread was automatically locked due to age.
Parents
  • Same for my Sophos XG VM.
    The SPX Portal ist not responding. It also does not matter which port you specify.

    It is not possible to set Password Type: Specified by recipient.

    Generate one-time password for every email ist working.

    Perhaps one more question on this. Is it also possible to activate the encryption via SPX without Outlook plugin, so that MacOS users also have the possibility for encryption?

    Thanks
    David

  • Sounds like a bug?! Is there a chance to report this to Sophos for further investigation?

    @David: Do you have the opportunity to set the Header in Mail for MacOS? Maybe you need a mail client like Thunderbird if its not possible in Mail.

    Should work with X-Sophos-SPX: yes

Reply
  • Sounds like a bug?! Is there a chance to report this to Sophos for further investigation?

    @David: Do you have the opportunity to set the Header in Mail for MacOS? Maybe you need a mail client like Thunderbird if its not possible in Mail.

    Should work with X-Sophos-SPX: yes

Children
  • Hi,

    the problem is that the clients are using MS Outlook as an email client.

    It would be great if you could simply set a trigger like "-spx-" in the subject like Ciphermail does, for example, so that the email is then encrypted. Maybe it will come in a new firmware update.

  • You can do this. That's not the issue I'm facing.  It's when you configure the device to conditionally encrypt email (such as only encrypting when setting a value on the SPX-X header), the device doesn't enable the web portal for the recipient to log into to get the email..