Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Can't connect externally using .PRO file connection

    XGS135 wearing SFOS 19.5.1 MR-1-Build278. Trying to create a (mostly) automated Sophos Connect installation for an SSL VPN, and am pretty close. I thought. I am using the following .PRO file-- [ { "gateway": "vpn.externaldomain.com", "user_portal_port…
  • Remote SSL VPN. Modify downlodable .OVPN adding custom command.

    Good morning everyone, on sophos XGS I configured the client-site SSL VPN, everything works except the resolution of internal names, probably because our internal windows domain has the same name as a public domain that is not ours (I know it's a bad…
  • Remote Access VPN SSL and IPsec x DNS local and external

    Hello! I have a need for configuration that has never been necessary before. I have remote users using SSL VPN. In my global SSL VPN settings I give my two internal DNS servers and also the company domain so that name resolution for internal services…
  • Sophos Connect Connection reset from gateway

    Been searching around google and discussions in Sophos Community and cannot find the answer for my issue. I'm having one user using Sophos Connect who can successfully sign into Connect through the connection file. However they are not able to access…
  • Sophos Connect SSL VPN - Managed vs Unmanaged Connections

    I notice several of the help screens for SCCLI.EXE have verbiage to this effect (in this case, from 'SCCLI remove')-- * The remove command will fail in environments where policy does not allow unmanaged connections to be used. * The remove command can…
  • Remote Access SSL VPN Default Gateway

    Problem: I need to route all traffic from Android devices through the SSL VPN (using openvpn client currently). What's configured: I have basic SSL VPN settings configured. I have a firewall rule allowing anything going to the WAN and there is a default…
  • Single SSL VPN profile for multiple sites

    Good Afternoon, We have recently performed a migration from Sophos UTM to Sophos XGS and I am currently working on re-instating the SSL VPN service for use by our third party support companies. We operate two DCs with services either 'homed' in a specific…
  • Sophos XG SSL VPN

    Hi, I have configured SSL VPN according to Sophos KB. The issue i have is that clients can connect to SSL VPN but cannot access internal network resources (shares, RDP, etc). ISP - Router - XG - LAN Config: XG WAN: 192.168.1.89 (static) XG LAN…
  • Sophos Connect Policy Mismatch Error

    Hello Community members, Hope everyone is doing well at their end. It was working fine earlier and now I am getting an error while connecting Sophos Connect VPN i.e. Policy Mismatch Error. Import a new policy for this connection. As per the…
  • Assign a specific ip to ssl vpn user in v19.5.1 MR-1-Build278

    How do I assign a specific ip to remote ssl vpn user in v19.5.1 MR-1-Build278?
  • Sophos Connect Client TCP_CLIENT: Unknown error (code=10060)

    Hello, I'm using XGS2300 (SFOS 19.5.1 MR-1-Build278), sophos connect 2.2.90.1104 with latest pattern updates (Sophos Connect - 2.2.090 and SSL VPN clients - 1.0.009). I have set up SSL VPN remote access with microsoft Azure MFA and nps server. The connection…
  • linux mint 21: Connected to VPN but not routing

    I received my credentials from the sysadmin and downloaded the ovpn file. When I run `sudo openvpn --config /tmp/vjahagidar__ssl_vpn_config.ovpn` with admin provided credentials the process runs and displays "2023-04-12 11:46:03 Initialization Sequence…
  • Connect Client 2.2.90.1104 SSL VPN error: 0x20000000 / 0x0000274D

    Had a few Win10 clients recently that received that error when they tried to establish the SSL VPN connection. The issue could be resolved by a client restart. As I've never seen that error, can you please describe what it means? The log looks like…
  • XG: Configure SSL Remote access client to site

    Hello, do you know if is possible to use a third party wildcard certificate to configure an SSL remote access on an XG firewall? Thank you in advance, Marco.
  • I haven't been able to access to a VPN through Sophos VPN or Client. Does it work in Ubuntu?

    Hello everybody, I'm trying to enter into a VPN from Sophos but I haven't been able. I'm new in this technology and that's why I'm not sure what else is missing First of all I tried to access to a VPN through openvpn like the one in this video 1.…
  • Restrict VPN connection to authorized devices

    Hi all, is it possible to restrict VPN access for unauthorized devices ? We have employees who are working from home and instead of using company laptop (which has security measures implemented) they are using their home computer to establish VPN…
  • Improve IPsec remote access performance

    Hello Community, I'm in the process of switching my companies work from home VPN solution over to use our new Sophos XGS3100 Firewall. Currently we prefer to use the IPsec remote access service, as it is easy to deploy via the general .scx file and…
  • Disable SSL-VPN Connection when on LAN.

    Hi Guys, Is there any way to disable user access SSLVPN from LAN. Some users connected to VPN from home and when thy bring laptop to work it still stay connected. I did this and still no luck. Just disable the SSL VPN check box for LAN in the Administration…
  • Sophos XG Home SSL VPN

    Good afternoon, How many SSL VPN server/listeners can be configured? In short what I'm wishing is for two SSL VPN options, on full tunnel and one split tunnel etc. I've done this previously with pfsense, but can't see a way of doing it with Sophos XG…
  • Deploying and running SSL VPN on MacOS with split tunnel huge PITA?

    We are currently in the process of upgrading our SG to an XG and because of that have to deploy new SSL VPN configs to all our clients. In the past we used Tunnelblick as our OpenVPN client of choice, but there is one major issue, in order to import…
  • SOPHOS SSL VPN with different domains AD Controllers

    Hi; We have a large server farm behind sophos firewall. There are different domain name AD servers available. I can authenticate users over ADs with these different domains. I can also use AD authentication on SSL VPN connections. No problem till this…
  • Remote Access SSL VPN XG19 — IPv6 only OpenVPN Client can ping but not access internal resources

    Connecting from an Android Mobile via IPv6 only carrier (Telstra) network (single stack) to Sophos XG19 via SSL VPN seems to create some strange issues. The Sophos XG firewall has a single IPv4 gateway address that the client connects too without any…
  • unable to access lan resources from vpn

    Tried all searched the whole forum but unsuccessful pls help. regards
  • SSL VPN - Encryption Algorithm not using specified setting

    We've been working on improving the Sophos SSL VPN performance for a client (seemingly getting half the throughput of their previous SonicWall appliance). We eventually narrowed down that our SSL VPN settings for encryption don't seem to be applied correctly…
  • SSL-VPN switch from TCP to UDP

    Hi folks, we are currently in the rollout of SSL-VPN Configurations and noticed performance issues at users which are using LTE Internet connections with latency. So we want to improve performance by switching from tcp to udp at the sophos firewall…