Hello,
I have XGS2300 running (SFOS 19.0.1 MR-1-Build365). I have a question about the provisioning file and imported connections.Whenever I run the provisioning file I always get IPsec remote access connection imported even though my group isn't in the IPsec remote access allowed users or groups.Is it intentional? I've made a group only for the SSL VPN remote access connection so I could only import the SSL VPN file and not IPsec but I am still getting IPsec imported for some reason. I'll post some screenshots so you can see the group is not in the IPsec and I am still getting the file imported.I have some users which use IPsec but I want to only get SSL VPN imported for users which I want to have SSL VPN only.Can someone clarify this for me?
Thank you
So I made a little test. I made a group that wasn't added in IPsec or SSL VPN. The provisioning file imported the IPsec connection. I thought it would only import if the user was in the allowed IPsec users and groups but that doesn't seem to be the case. So once is IPsec configured and a user uses the provisioning file, it doesn't matter if he's in the allowed users and groups it just imports regardless?
Hello there,
Thank you for contacting the Sophos Community.
I think you might be affected by NC-69378; what version of the Sophos Connect are you running?
Regards,
Hi,
I'm running Sophos Connect 2.2.75.0506
that happens when you had IPSec Remote Access enabled once.
to me it is bug. unfixed. Sophos Connect Client importing IPSec connection even if disabled on XG
If you don't use IPSec, reset it to the default settings.
Eventually setting it to the original settings after the reset may fixe the situation when you need both SSL and IPSec as in your situation. Haven't tested it.
Hello VGDtech ,Thank you for reaching out to the community, If you reset a profile, you should actually remove the config from any user's profile.
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.
Thank you everyone, that worked for me.