Hi all, I want to upgrade SFOS from 18.05 MR5 to 19.5.3 MR3 What will happened with SLL VPN users ? Are their SSL VPN certificates will regenerate and they have to download new SSL VPN configurations, or not? thanks,

Greetings fellow members, I have 2 networks with 1 sophos firewall each, network A (Public IP/80.80.80.128, Local Network/192.168.20.1/24) and network B (Local Network 192.168.10.1/24). Sophos B XGS107 ( SFOS 19.5.3 MR-3-Build652) Sophos A XG135…

Hi all, AP configuration works. I am able to remove & add the AP's. AP's are recognized and shown as active. I can see the traffic between AP & XGS Port 2712. Traffic to port 8472 from firewall to AP is not answered, but i see packets from AP to APIPA…

I have something strange for the following situation. VPN connection between site A and site B (tried both policy-based and route-based) and a policy-based VPN-connection between site B and site C. Intention is to reach site C from site A while there…

Hello, I have Sophos XG 2300 with firmware 19.5.3 MR-3. I'm trying to set a static IP address for a site-to-site SSL VPN client. Is there any way to achieve this? Whatever I do it keeps getting leased IP address from Global DHCP pool or the VPN…

Hello I have Paralels Windows machine on MAC and I cannot install Sophos Connect. The message is Sophos Connect Setup Wizard ended prematurely MAC OS SONOMA ver. 14.3 Paralels ver. 19.3.0(54924) Windows11 ver 22H2 Sophos Connect ver. 2.3.0 …

So we have a pretty new XGS 2300 and we have some cases where we connect to our customers servers over an Ipsec Site-to-Site tunnel with RDP. the tunnel is stable but sometimes the remote desktop session freezes for a short time. I looked into the…

Hello, I work on 2 Sophos XG on 2 different sites. They communicate with each other using a Site-to-Site IPSec VPN. Site A : Sophos-XGS 33100 (SFOS 19.5.3) Site B : Sophos-XG 330 (SFOS 19.5.3) 3 subnets of Sophos A are configured to be able…

Hello, i have yet again a strange error. We have some clients in our network that use openvpn connections with Openvpn client is v3.4.4.3. They can connect successfully and have mostly 1-2 Disconnects, but now constantly disconnects to the target. I…

Hello, We have the OpenVPN client running on various Android phones that connects to an XGS 116w (SFOS 19.5.3 MR-3-Build652). The whole thing worked without any problems until a few days ago. Since then, some - not all - devices can successfully open…

I have a dedicated VLAN in our network and a dedicated AD username for guest users. I am not using Sophos wireless network, I use another brand wireless network. I am using SFOS 19.5.3 Every time my guest users browse the internet after logging into…

Hi, We have a XGS2300 (SFOS 19.5.3 MR-3-Build652 with an SSL Remote Access VPN with OpenVPN clients. Not sure if this was a Sophos or OpenVPN issue but I had to start somewhere. I had a user call last last night with a Peer Certificate Verification…

How do I enable reauthentication for site-to-site IPSec connections ? Sophos XGS3100, SFOS 19.5.3 MR-3-Build652

Hi, accordingly to the docs: https://doc.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RemoteAccessVPN/IPsecSSL/SSLVPN/RAVPNSSLSettings/index.html it should be possible to assign static IP addresses to SSL VPN…

I'm having issue with my IPSEC-site-to-site connection. The IPSEC vpn cannot be established. Im having error " unable to resolve %any, retrying in 60s" when checking the strongswan.log Here is the full logs: loading secrets from '/_conf/ipsec/ipsec…

Hi Sophos Community, I've got a XGS126 on SFOS 19.5.3 with IPsec and SSL VPN enabled. Now my client wants to use VPN to connect to certain Windows machines in the LAN over RDP using the NetBIOS names. Is there a way to do name resolution on the XGS…

Hello, I have read some forums about this issue but I have not been able to replicate the issue. I have also checked the KIL list. I tried changing the networks, PC restarts, logging in with a different user. The SSL VPN connection profile rarely…

I have the exact same Problem as here: SSL VPN connected, login web page available, login refused I am making an new Thread because that one is closed and the Answer did not Address the Problem. I am connected over VPN, Firewall Webinterinterface…

The customer recently ugraded their firmware from SFOS 19.0.1 MR-1-Build365 to SFOS 19.5.3 MR-3-Build652 and they currently are unable to reach the remote sites through their SSL VPN. No changes were made to the initial configuration and a reboot from…

Hi there. Using XG Home with latest SFOS 19.5.3 MR-3-Build652 exporting the openVPN SSL file and using it on iOS 17.0.3 openVPN App V. 3.4.0. In advanced settings of the openvpn is an option of recommended secuity level. If I choose it, I get an error…

Hi Since the upgrade to ver SFOS 19.5.3 MR-3-Build652, all the users cannot connect via vpn. 3 customers with Sophos FW XGS 3300 cluster Sophos FW XGS 2100cluster Sophos FW XGS 116 The error is: ssl vpn error:0x20000000 scgui.log 2023-10-04 12:39:56PM…

Hello, I have two sophos: - XGS107 as branchOffice (19.5.3) - XG330 as HeadOffice (19.5.2) I am experiencing strange behavior on "route-base" ipsec tunnel. Tunnel status on both sites is down but on HeadOffice i can see that connectio is UP. HeadOffice…

We previously have XG-210, SFOS 19.5.2 but due to EOL on XG-210, we are forced to upgrade to XGS-2100. We are now running the latest SFOS 19.5.3 on the new XGS-2100, and all SSL VPN users are experiencing severe performance issue. The issue is impacting…

IPSec Site-2-Site VPN from initiator XGS to receiver SG firewall. the XGS is on v19.5.3 IKEv1 (caused by SG capabilities) Whenever someone rebooted the ISP router on the XGS site, the XGS will not re-initiate the connection and sits there disconnected…

Figured as since I cannot find anyone else experiencing this issue, wanted to highlight this here if it helps someone else or if Sophos want to investigate themselves. FW type, config and version in subject. TLDR: Disable HA if you experience issues with…