Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Using Active Directory Goups for IPSec Connect Client VPN

    Hello Community, we use Sophos IPSec VPN with Active Directory authentication. All our VPN-Users are member of the Active Directory group "AAIC-VPN". We can use this group in fw rules: But we can not use this rule in the vpn settings: I…
  • Sophos Firewall IPSec Remote Connection with IKEv2

    Hello Community, the default policy for IPSec (Connect Client) VPN use IKEv1. Is it possible to build a new profile with IKEv2? What should I configure that its secure and works well? I hope someone have a best practice for me. Thank you…
  • using sslvpn client on local network

    Hello, I am looking for a solution to use an sslvpn (ipsec) connection on the local network, the goal is to restrict access to certain resources. I tried to modify the SCX file by putting the LAN address of the sophos but still impossible to connect …
  • V19 - Some websites no longer work via VPN

    Hey guys I have a very odd issue. Loaded V19 last night to my XG450 - all loaded fine and seems OK today - until the Remote users started raising tickets that some sites wouldn't load. I cant work out why... - They loaded before V19 - the…
  • Sophos Connect / SCCLI - retaining usernames and passwords?

    Using the SCCLI for Sophos Connect on a mac (possibly on windows too but not tested yet), when updating changes to a profile by first adding a revised scx file, and then updating the connection in the engine, ( NOT using the "clear credentials" option…
  • BUG: Sophos Connect cannot connect when using spaces in password

    Hello I found a bug in Sophos Connect. How to reproduce 1. Create a local user 2. Set a password with space chars (such as Telefono .1) 3. Try to connect using Sophos Connect Authentication will fail. Please notice that: 1. Authentication…
  • V19 & Custom policy support for IPSEC Remote Access

    We're currently on v18.5.3 and have approx 70 users with IPSEC Remote Access. One of the big improvements for us in v19 is the Custom IPSEC RA policy, and the adjustment of re-key times. After we upgrade to v19; Will all current IPSEC Remote Access…
  • IPSEC Remote Access .scx file invalid

    I'm trying to configure an IPSEC remote access VPN. When I download and extract the configuration archive, the .tgb file appear to be valid, but the .sck file only contains the following: cannot open file /tmp/root_cert.txt at /scripts/vpn/ipsec/generateJSONVPNClientConf…
  • SAML Integration for Sophos Connect

    Will SAML integration be available for Sophos Connect authentication in the future?
  • Can these VPN Settings be changed w/o requiring new OPVN files?

    We've recently implemented 2FA, and have had a few issues. It seems some of our clients are timing out, and then trying to auto-reconnect w/o user intervention. I'd like to max out the idle peer setting at a minimum. This will alleviate a few issues with…
  • Sophos XG auto import ipsec and sslvpn provisioning.pro file

    XG550 (SFOS 18.5.3 MR-3-Build408) sophos connect client “2.1.20.0309 Hello Forum, hope someone can help. we are currently rolling out the sophos connect client over provisioning.pro file and allow our users SSLVPN and IPsec ( 500 User) After we…
  • SOPHOS CONNECT , LOST ACCESS TO SHARED FOLDERS

    Hi team Currently I have a IPSec Remote with Sophos Connect, nevertheless , when I try connect with mi local shared folders I cant do it, because the peticion is by WAN. The are my rules
  • Sophos connect using provisioning file for multiple gateways

    Hi, I have configured the Connect Client with the following config[ { "display_name": "XG_SSL-VPN", "gateway_order": "in_order", "gateway": [ "xg1.some.company.com", "xg2.some.other.com", "xg3.yet.another.com" ], "user_portal_port": xxx, "otp": false…
  • SSL VPN Remote Access keeps reconnecting

    Hi guys, I'm having a hard time setting up the SSL VPN connection from a user in WAN zone to LAN. I managed to connect successfully for a few seconds before the indicator turned red and this message pops up OpenVPN log Wed May 4 10:26:31 2022 ROUTE_GATEWAY…
  • Sophos Connect Provisioning File

    Hello Members, We have Sophos XG330 with 18.5.3 MR3 and are using Sophos Connect (IPSec Remote Access) for our remote / WFH users. We tried to use Provisioning File to import VPN configuration. We are getting failed to login error. In firewall logs…
  • Sophos Connect SSL VPN Special Character

    That can´t be true! We are using VPN SSL and of course all Users using normal password policy including SPECIAL Characters such as "#,$,%, [Space]. Authentication through ADS. With the old Sophos SSL VPN Client it works but NOT with the "New" Sophos…
  • Sophos Connect client not running login scripts

    Hi All, This post was never resolved but I have the same issue: https://community.sophos.com/sophos-xg-firewall/f/discussions/126137/sophos-connect-client---logon-script-not-working The log file shows the user script is found and executed but nothing…
  • Connect client advanced settings reset itself

    Has anyone seen this behaviour? Sophos XG135. v18.5.2 MR2. Been running Connect client VPN for 5-6 months fine. At about 10 this morning started getting calls from users saying VPN was not connecting. Looked on the firewall IPSEC config and in the…
  • IPSec VPN access to WAN and specific internal Server/Port

    Hello community, I'm stumbling over the following problem: IPSec VPN ist configured to be used as standard-gateway when clients are connected with Sophos Connect Client. Firewall-rule is created with target zones LAN and WAN and works fine. Now…
  • Sophos Connect IPSec Client Routing

    Good Afternoon, I have a number of PCs that connect to my XG firewall using Sophos Connect IPSec. They can access all the internal resources that I have allowed by way of firewall rules, however no matter what I try, I seem to not be able to configure…
  • Migrating from Sophos SSL VPN Client to Sophos Connect v2

    Hello all, we have to migrate from the "old" Sophos SSL VPN Client to the new Sophos Connect v2 Client. We would like to deploy the Connect v2 via Software Deployment (Desktop Management System). Providing the msi with parameters isnt the problem. …
  • How to automatic import Sophos Connect Profiles in the VPN Client?

    Hello, how can i automaticly import the .pro File for the Sophos Connect Client? I have the Client installed on the Test Laptop. I have a working provisioning file..... wich works fine when i double click it. But when we will send this to 400…
  • Sophos Connect Client Language

    Hi all, is there any possibility to install the Sophos Connect Client in a specified language? It seems, the Installer uses the language of Windows-Installation, but this is not wanted in any cases. As Sophos Support suggested, I tried to change the…
  • Sophos xgs 2100 one way audio when I connect to IPsec VPN and use internal gateway VoIP

    Hi I just bought my Sophos XGS2100 , I have configure IPsec vpn client to site , all working good , but when my remote employee try to use his softphone all good and softphone connected to internal server through VPN connection but he cant hear anyone…
  • Sophos Connect / OpenVPN Support for ARM Processors?

    I see that currently ARM processors are not supported for Sophos IPSec or Sophos Connect SSL clients, which I presume is an OpenVPN issue. Are there any plans to add ARM support, or any Early Access Programs (EAPs) that we can look in to joining?