Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall - Remote access VPN - IPsec - download IPsec VPN profile for iOS fails

Hi folks,

I did setup a remote access IPsec profile with authentication type digital certificate.

The local certificate was created with a CSR by the firewall with help of OpenSSL under Linux and the remote certificate as described in

docs.sophos.com/.../index.html

Whenever I try to download the iOS profile in the VPN portal - after I entered a password for later import and press save - I get this error message: 

Failed to download the file. If the problem persists, check with IT.

I also checked /log/vpnportal.log and there is the following entry:

Mon, 30 Sep 2024 15:39:08 GMT level=error msg="Error in getting cert data: x509: failed to parse private key (use ParsePKCS8PrivateKey instead for this key format)"
Mon, 30 Sep 2024 15:39:08 GMT level=error msg="x509: failed to parse private key (use ParsePKCS8PrivateKey instead for this key format)"

I don't want to use a pre-shared secret / key therefore I hope there is someone who knows how to solve this problem.

Thanks in advance for your help.

Cheers,

Markus



Added V20.0 MR2
[edited by: Erick Jan at 6:25 AM (GMT -7) on 1 Oct 2024]