Advisory: Sophos Endpoint - "Your connection isn't private." Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

[Known Issue with workaround] Firewall to firewall RED tunnels with force TLS 1.2 config enabled not working on v20 EAP1 build #195

Issue detail:

Firewall to firewall RED tunnels (RED site to site) with force TLS 1.2 config enabled not working on v20 EAP1 build #195. Even re-creating the tunnels does NOT solve the issue.

Work around:

Please disable Force TLS 1.2 from Web admin console on RED Server side as shown in the below image.


This issue is being worked upon under the ticket NC-125221. The issue is specific to early access release of v20; and we are working to resolve it in the next release.

It is recommended to apply the workaround before upgrading to v20 EAP1 to eliminate any disruption to RED site to site tunnels.

Thank you   for reporting this issue in the early access program. We value your contribution.


Sophos Firewall Product Team

image resize
[edited by: PMParth at 8:01 AM (GMT -7) on 27 Sep 2023]
  • Thanks for the info.

    After the upgrade to the EAP, i've got no problems with the activated Force TLS 1.2 setting and two SD-RED 20-devices.


    Sophos XG Home | Intel Gold G6405T | Gigabyte B560M H | 8GB DDR4 RAM | Samsung 950 Pro 256GB | Mellanox Connect-X 3 (CX312A)

  • This Issue is only related to RED Site to Site Feature between two firewalls - (SD)-RED Devices are not impacted.