Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Sophos SSL VPN Auto Connect

    Hi, One of our customer has Sophos SSL VPN in Sophos XGS Firewall and they are dialing through Sophos Connect Client. Now, they want to auto connect in Windows 11 Pro, when the Laptop power on.. I have gone through some articles and i couldn't get any…
  • Unable to access remote access VPN L2TP Client from main office

    Hi I am trying to ping/RDP L2TP client from Main office but unable to access but through L2TP client I can access my office network. Thank you Policy tester Rules and policies NAT Rule
  • Received IKE message with invalid SPI (F5D1C2B8) from the remote gateway.

    Received IKE message with invalid SPI (F5D1C2B8) from the remote gateway. Received IKE message with invalid SPI (2AE78327) from the remote gateway. What could be the issue and how to solve it?
  • Sophos Connect Setup Wizard ended prematurely

    Hello I have Paralels Windows machine on MAC and I cannot install Sophos Connect. The message is Sophos Connect Setup Wizard ended prematurely MAC OS SONOMA ver. 14.3 Paralels ver. 19.3.0(54924) Windows11 ver 22H2 Sophos Connect ver. 2.3.0 …
  • Question about Remote Desktop and SSL VPN

    So we are moving away from Citrix for our remote access. However we still need to access some applications internally. I have been working on trying to implement this using Entra App Proxy and the Web Client. This has proved to be an unsolvable nightmare…
  • Fortigate 80F v Sophos XG125 IPSec Remote Access

    With my license renewal fast approaching and my XG125 rev3 EOL I am at a cross roads as to which vendor I should move forward with. Out of pure frustration, I got my hands on a Fortigate 80F to compare SSLVPN and IPSecVPN remote access throughput. I setup…
  • Endpoint not able to browse over site to site VPN to backup target

    Hello, newbie here with Sophos. I am looking at a (new) client I have inherited who have their servers being backed up locally and then across a site to site VPN to a secondary location. There is one server on a different subnet that has never been…
  • IPSec VPN allows traffic to one subnet, but not another.

    I am trying to establish a Route based site-to-site IPSec VPN connection between two Sophos XG Firewalls (all fully up to date) - I followed this recipe . I have two subnets on the 'HeadOffice' Firewall - 192.168.22.0/24 and 192.168.23.0/24 and I have…
  • Site-to-Site connected but no traffic over failover GW

    Good day, On our XG230 [ SFOS 20.0.0 GA-Build222] we have two IPsec site-to-site tunnels on two different GWs. Both connect to the same remote GW but use Different NATed local Subnets to Fortigate Firewall. IPSec policies are the same no change there…
  • Sophos Connect v2.3 and SFOS v20 MR1 - SSL VPN - Delayed disconnection

    Hi, With the noon version of Sophos Connect v2.3 against SFOS v20 MR1, I encountered a bug in the delayed disconnection of SSL VPN server-side (XG Sophos firewall). On the client side the connection is already in a disconnected state, but on the firewall…
  • Keep Site-to-site Tunnel Connected?

    Hey All, I've created an IPsec tunnel between my Sophos XGS unit and a Meraki with the Sophos unit initiating the connection. Traffic is passing just fine, but the location where the Sophos unit is located has somewhat spotty internet. It appears…
  • SSL VPN Certificates and .cfg

    Hey there, on old SUM Firewalls there was an SSL VPN Installer incl. configuration on Userportal. When you have installed this, you got an openvpn.cfg file and the user certificate. I have changed our Firewall to an XGS and now i need the new…
  • SSL VPN Global Settings Apply Error

    In SSL VPN Global Settings, when I try to apply, I get the error message " You must enter a network IP address." This happens even when I don't make any changes. Any idea what's going on, and how to fix it? I'm on a XG125w (SFOS 20.0.0 GA-Build222…
  • Device on BO side of IPSec Site-to-site unable to ping HO side

    I have a scenario and trying to set something up for the interim. In essence, the requirement is to get an APP server at location A to connect to DB server in location B. The main issue with this is that both locations have the same subnet (E.g 172…
  • SSL VPN Disconnection

    Hi, in my company users are using Sophos SSL VPN. The Sophos Connect is updated to version 2.3.0506 and the type of VPN is SSL/TCP. All users report frequent disconnections when using VPN, and there was the problem also with older client versions…
  • Comments in SCX files

    Hi all, When editing an SCX file for Sophos XG / Connect VPN, is there a way that you can add comments into the file for information, i.e. in a split tunnel config, can we make a note of what the network address / range relates to? Current config…
  • Sophos SD-RED 20 and 4g LTE Gateway

    Hello - I've been searching the community for something like this but have mostly found people talking about the 4g module for the SDRED or using a USB stick LTE connection. If we buy a 4g LTE router or modem that has an ethernet port for device connectivity…
  • Failed to install Sophos Connect 2.3.0

    Hi Guys, I need help with this issue, have tired a few times to install Sophos Connect failed giving me error msg: Service 'OpenVPN Service' (OpenVPNServiceInteractive) failed to start. Verify that you have sufficient privileges to start system services…
  • SD-RED load balancing and routing

    Hello, We have deployed Sophos SD-RED 60 to our Office 4. This RED is currently connecting to Office 1. We have established SSL VPN tunnel between Office 1 and Office 2 where Office 1 is acting as server and pushing networks deployed at Office 4 as…
  • Site-to-site IPsec VPN with Mikrotik and Overlapping network

    Hi everyone, I'm having difficulty getting site to site IPsec to work properly with a Mikrotik device. Both LANs use the same class 192.168.99.0/24 and to configure the Sophos (SG115 SFOS 20.0.0 GA-Build222) I followed these instructions: https:/…
  • Sophos Connect Installation

    Hello All, Recently we are facing issue while installing sophos connect attached snip for your reference .please verify it and provide solution and help me to resolve this issue. Thanks in advance.
  • Sophos Connect 2.3 with disabled IPv6 component

    - upgraded our Windows Connect Clients from 2.2.9 to 2.3 - when now connecting with SSL VPN: The client is connected (all is working) but the state in Sophos Connect will not switch to connected and stays in "is connecting"... -> not possible to disconnect…
  • SSL VPN no Internet access

    I have set up a SSL VPN connection in SOHPOS Firewall v20 Build 222. I can access local services and machines no problems there, but I cant get internet access. When I ping external sources no packages comes through, however domain names are resolved…
  • Sophos XGS IPSEC site-to-site connection

    Hello, We are trying to establish an IPSEC VPN connection between 2 XGs Firewall. There is a Fritzbox behind the firewall at both locations. We have already tested many different settings and policies but keep getting the following error message: …
  • Fluctuating WAN IP with Dynamic DNS in Sophos Gateway Firewalls

    I was seeking a solution for an issue encountered with my client’s Sophos Gateway Firewall (Site-to-Site IPsec VPN Setup), which was due to the ISP’s PPPoE Service causing frequent changes in the WAN Interface IP. I’ve learned that Dynamic DNS could…