We have a Sophos XGS 6500 and our users utilize Sophos Connect as our off campus VPN client. Recently we ended up with some malicious user or users trying to login to our VPN web portal and locking out many accounts. We turned off the VPN portal, but we found that broke the use of the connect client. It works for existing users, but new users can't resolve the FQDN of the VPN interface. Even when it knows the interface it seems to need the portal web interface to resolve.
Is there a way to fix this so that it works but is protected from outside denial of service lock outs? Or make Sophos Connect function without the vpn portal enabled on the WAN?
I appreciate any insight or recommendations the community may have. Thanks!
Edited TAGs
[edited by: Erick Jan at 7:49 AM (GMT -7) on 25 Sep 2024]