Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OpenVPN SSL VPN Configuration gives error: Unsported Options "route delay 4"

Since Sophos XG is depended on OpenVPN for many clients, we only use it for all:

https://doc.sophos.com/nsg/sophos-firewall/18.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/VPN/RemoteAccessVPN/VPNSophosConnectClient/index.html#import-configuration-and-provisioning-files (Recommended, since no support.)

Since openvpn-connect-3.4.0.3121_signed  or 3.4, i get the error "Unsported Options" and i cant connect.

So i removed after looking at the log, the options "route delay 4", what does it do? Is it important?

I tried to reach out for the support, but you get the classic "not our product, not our problem" answer. Maybe someone can it explain it me, but is this a bug from openvpn or does sophos not support the new configuration rules for newer version?

And is there a permanent fix, which does not get whiped after a update?



This thread was automatically locked due to age.
Parents
  • Latest answer from Support: "Thank you for sharing the details. We have investigated the case internally and we were able to connect to the VPN using Sophos Connect Client. As far as OpenVPN connect client is concerned, unfortunately, we won't be able to provide a fix on this as this is a 3rd party software. Here the request is not even reaching the firewall while we are trying to connect the VPN as we were not able to see any logs while reproducing the error."

    This is just a headache, now i can edit files for each device before installing them. This will be a nightmare if clients like ios or other devices cant handle anymore the old config file format.

  • Quick and dirty fix:

    • SSH login to Sophos XG
    • open an advanced shell (5 -> 3)
    • vi /content/sslvpn/client-config-template.ovpn
    • scroll down to "route-delay 4"
    • press i for insert mode
    • add ";" in front
    • ESC -> :wq

    After the change, you can finally download working .ovpn-configuration files for OpenVPN 3.4 in the XG user portal again.

  • @Hayashi81 Thanks a lot, we try this.

Reply Children
No Data