Internal-web-traffic-http-https-over-sophos-connect-vpn-cisco-anyconnect-vpn-using-native-android-9-vpn-client - TAKE 2

Hi keen v18 testers :)

I posted an issue a few weeks ago here:

https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/116073/internal-web-traffic-http-https-over-sophos-connect-vpn-cisco-anyconnect-vpn-using-native-android-9-vpn-client

(I won't cut and paste.)

Noticed the behaviour just after updating to v18 - thought I had it solved as a NAT migration problem, but the issue of the native Android VPN client not working with HTTPS/HTTP traffic has returned. Works perfectly fine for the Apple native VPN client using Sophos Connect. Can still ping and tracert to internal hosts via the Android VPN client, so the routing is fine.

Currently running SFOS 18.0.0 EAP1 - Refresh1

It appears that the stateful firewall is kicking in with invalid traffic, but I'm still wondering if it might be certificate pinning on the Android phone or some other weirdness.

I thought this was worth reporting - not a massive issue, I just find it strange and hope some others might be able to point me in the right direction to try to track down the root cause.

Thanks in advance