XG Firewall version 19.0.1 MR1 build 365 and Sophos Connect 2.2.75 client are affected.
After a successful IPSec connection, after a few hours, the user is unexpectedly logged out of the firewall. The IPSec connection itself continues to work, but any rules that rely on user accounts stop passing connections from that user.
In the Authentication and VPN logs, I do not find any information that the user has been logged out. The only tangible trace is the "Current activities" list, from which the entry about an active IPSec connection disappears.
I am asking for a hint where to look for the source of the problem.
I would like to add that logging out of the firewall often takes only several minutes. It is not known what it depends on.Of course, in the IPSec remote acces settings, idle detection has been disabled.
Hello MichalKawecki,Thank you for reaching out to the community, run a wireshark packet capture and stop once you face the disconnection, share the file with us here !
Thanks & Regards,
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.