Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Sophos Firewall IPSec Remote Connection with IKEv2

    Hello Community, the default policy for IPSec (Connect Client) VPN use IKEv1. Is it possible to build a new profile with IKEv2? What should I configure that its secure and works well? I hope someone have a best practice for me. Thank you…
  • using sslvpn client on local network

    Hello, I am looking for a solution to use an sslvpn (ipsec) connection on the local network, the goal is to restrict access to certain resources. I tried to modify the SCX file by putting the LAN address of the sophos but still impossible to connect …
  • VPN does not allow more than one user to be connected

    Hi Everyone, I have an interesting issue. One of our branch offices uses an LTE router to connect to the internet and then VPN to connect to HQ. The problem is that when one person connects to VPN, the one that was connected before gets disconnected…
  • Two L2TP clients one internet connection

    Sophos XGS116 running 18.5.3 MR3 I have a client that has taken two of their office laptops home. Both laptops are setup with L2TP VPN. She wants both laptops to VPN into the firewall at the same time from her home internet connection. When one laptop…
  • V19 - Some websites no longer work via VPN

    Hey guys I have a very odd issue. Loaded V19 last night to my XG450 - all loaded fine and seems OK today - until the Remote users started raising tickets that some sites wouldn't load. I cant work out why... - They loaded before V19 - the…
  • Sophos Connect / SCCLI - retaining usernames and passwords?

    Using the SCCLI for Sophos Connect on a mac (possibly on windows too but not tested yet), when updating changes to a profile by first adding a revised scx file, and then updating the connection in the engine, ( NOT using the "clear credentials" option…
  • BUG: Sophos Connect cannot connect when using spaces in password

    Hello I found a bug in Sophos Connect. How to reproduce 1. Create a local user 2. Set a password with space chars (such as Telefono .1) 3. Try to connect using Sophos Connect Authentication will fail. Please notice that: 1. Authentication…
  • V19 & Custom policy support for IPSEC Remote Access

    We're currently on v18.5.3 and have approx 70 users with IPSEC Remote Access. One of the big improvements for us in v19 is the Custom IPSEC RA policy, and the adjustment of re-key times. After we upgrade to v19; Will all current IPSEC Remote Access…
  • IPSEC Remote Access .scx file invalid

    I'm trying to configure an IPSEC remote access VPN. When I download and extract the configuration archive, the .tgb file appear to be valid, but the .sck file only contains the following: cannot open file /tmp/root_cert.txt at /scripts/vpn/ipsec/generateJSONVPNClientConf…
  • SAML Integration for Sophos Connect

    Will SAML integration be available for Sophos Connect authentication in the future?
  • Can these VPN Settings be changed w/o requiring new OPVN files?

    We've recently implemented 2FA, and have had a few issues. It seems some of our clients are timing out, and then trying to auto-reconnect w/o user intervention. I'd like to max out the idle peer setting at a minimum. This will alleviate a few issues with…
  • Android 12 removed support of IPSec Xauth and L2TP

    Hello, as mentioned in the subject, in android 12 both IPsec Xauth and L2TP were removed completly. The only available authentication types of the android vpn built-in client are: IKEv2/IPsec MSCHAPv2 IKEv2/IPSec PSK IKEv2/IPSec RSA Are any of…
  • Sophos XG auto import ipsec and sslvpn provisioning.pro file

    XG550 (SFOS 18.5.3 MR-3-Build408) sophos connect client “2.1.20.0309 Hello Forum, hope someone can help. we are currently rolling out the sophos connect client over provisioning.pro file and allow our users SSLVPN and IPsec ( 500 User) After we…
  • SOPHOS CONNECT , LOST ACCESS TO SHARED FOLDERS

    Hi team Currently I have a IPSec Remote with Sophos Connect, nevertheless , when I try connect with mi local shared folders I cant do it, because the peticion is by WAN. The are my rules
  • Sophos connect using provisioning file for multiple gateways

    Hi, I have configured the Connect Client with the following config[ { "display_name": "XG_SSL-VPN", "gateway_order": "in_order", "gateway": [ "xg1.some.company.com", "xg2.some.other.com", "xg3.yet.another.com" ], "user_portal_port": xxx, "otp": false…
  • Sophos XG230 | L2TP-Error

    Hi everyone Error Description: Firewall: Sophos XG230 cluster Firmware: SFOS 18.5.3 MR-3-Build408 VPN: L2TP (currently with psk) | AES256 & SHA2 256 (1 & 2) / DH14 (1) / ECP256 (2) We use Windows' built-in VPN via L2TP/IPsec via our UTM…
  • Sophos Connect Provisioning File

    Hello Members, We have Sophos XG330 with 18.5.3 MR3 and are using Sophos Connect (IPSec Remote Access) for our remote / WFH users. We tried to use Provisioning File to import VPN configuration. We are getting failed to login error. In firewall logs…
  • Sophos Connect SSL VPN Special Character

    That can´t be true! We are using VPN SSL and of course all Users using normal password policy including SPECIAL Characters such as "#,$,%, [Space]. Authentication through ADS. With the old Sophos SSL VPN Client it works but NOT with the "New" Sophos…
  • l2TP vpn on XGS firewall

    Hi, I would like to deploy L2TP VPN on large number of PC's as you know the configuration is time consuming on the client PC. is there a way to automate the process. if no, can I use intune to automatically push the profiles and network configuration…
  • Sophos Connect client not running login scripts

    Hi All, This post was never resolved but I have the same issue: https://community.sophos.com/sophos-xg-firewall/f/discussions/126137/sophos-connect-client---logon-script-not-working The log file shows the user script is found and executed but nothing…
  • Connect client advanced settings reset itself

    Has anyone seen this behaviour? Sophos XG135. v18.5.2 MR2. Been running Connect client VPN for 5-6 months fine. At about 10 this morning started getting calls from users saying VPN was not connecting. Looked on the firewall IPSEC config and in the…
  • Sophos Connect IPSec Client Routing

    Good Afternoon, I have a number of PCs that connect to my XG firewall using Sophos Connect IPSec. They can access all the internal resources that I have allowed by way of firewall rules, however no matter what I try, I seem to not be able to configure…
  • go to internet via l2tp vpn

    hi folks, i have create a l2tp vpn on a sophos xg115 , the ip range works, i can connect to the vpn but when i connect i could not use the "normal" internet. ill get the ip, then the dns and wins server but no gateway. in the roulset i have also…
  • Migrating from Sophos SSL VPN Client to Sophos Connect v2

    Hello all, we have to migrate from the "old" Sophos SSL VPN Client to the new Sophos Connect v2 Client. We would like to deploy the Connect v2 via Software Deployment (Desktop Management System). Providing the msi with parameters isnt the problem. …
  • IPSec VPN access to WAN and specific internal Server/Port

    Hello community, I'm stumbling over the following problem: IPSec VPN ist configured to be used as standard-gateway when clients are connected with Sophos Connect Client. Firewall-rule is created with target zones LAN and WAN and works fine. Now…