Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 26 replies
  • Answers 3 answers
  • Subscribers 42 subscribers
  • Views 27818 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos VPN Client - disable autoconnect when in local network

Kam

Hi all,

I'm struggling with setting up Sophos VPN Client on user's Windows computers.

What behaviour I expect is to automatically connect when user connects any network except internal LAN/WIFI.

So if users is turning on the laptop at home and connects to his/her home WIFI, Sophos Client shoud connect VPN immediately. But when user comes to the office and connects to LAN network, Sophos Client should stop connecting. I edited ovpn config file and added auto_connect parameter as LAN VLAN network address (192.168.3.1), but it didn't help - after connecting to office's wifi, Sophos Client is connecting to VPN.

Next thing I tried was to block SSL VPN in firewall administration and it helped, but now Sophos Client is continuously trying to connect, fails, tries again, fails, and so on.

How to set it up so it just stops trying to connect when in LAN, and after network change (going back to home), connects VPN immediately?



This thread was automatically locked due to age.
  • 0 in reply to Kam

    In fact it has been updated, you have only been given the link to the KB of 19.5. The right link for version 20 is here and it is correct there. Slight smile

  • 0 in reply to TimFranken

    Ah, OK. Thanks for the updated link - will be definitely useful for others with the same problem.

    Before I sum up this thread, I'd like to have a chance to workout auto-connect feature. Let's hope it some minor thing that left. Will update here as soon as I testing device in my hands. 

  • 0

    I'm thinking about auto_connect_host param - for now I set it to LAN VLAN interface address, let's say 192.168.3.1

    When user is on hotspot and connects through VPN, it has address from VPN IP pool. As I don't have firewall rule VPN2LAN enabled, Sophos Client can't reach 192.168.3.1 so it should connect automatically. But when users connects to office's wifi (so LAN VLAN), it has IP address from LAN DHCP pool. And obviously can reach 192.168.3.1 (I'll ping it later to confirm).

    So why Sophos Client is connecting anyway when in LAN network?

  • 0

    Should I create another thread concerning proper setup for .pro file or someone will help in this thread? I wrote earlier about .pro file isn't working - doesn't matter if user is in LAN or on a hotspot. Now I can't even make this connection to connect automatically, even if it is checked in Sophos Client to auto-connect.

  • 0 in reply to Kam

    Are you saying that now the .pro file is connecting properly but auto connect is a problem ? That is, if connection is broken, it doesn't try to reconnect if it is on WAN ?

  • 0 in reply to Nikhil Bhandari

    Exactly. Although it's connecting without a problem and I didn't change anything with the .pro file, auto-connect function isn't working.

Unfiltered HTML