Browse By Tags

  • BGP: Routes are not announced (SSL-VPN, remote IPsec network)

    Hi, I have the the following setup: Office FW (10.1.0.0/24) <==Policy based ipsec==> DC FW (LAN: 10.2.0.0/24; SSL-VPN: 10.3.0.0/24) <==Route based ipsec==> Partner FW (172.20.32.0/24) I try to announce the routes for the office (10.1.0.0/24),…
  • Disable SSL-VPN Connection when on LAN.

    Hi Guys, Is there any way to disable user access SSLVPN from LAN. Some users connected to VPN from home and when thy bring laptop to work it still stay connected. I did this and still no luck. Just disable the SSL VPN check box for LAN in the Administration…
  • VPN SSL Site to Site

    Good afternoon, I am starting to test the options that XG Firewall has to work with VPN. Currently I want to set up a Site to Site SSL VPN with two geographically separated XG. The example configuration of both is as follows: XG1 and VPN server…
  • Sophos XG Home SSL VPN

    Good afternoon, How many SSL VPN server/listeners can be configured? In short what I'm wishing is for two SSL VPN options, on full tunnel and one split tunnel etc. I've done this previously with pfsense, but can't see a way of doing it with Sophos XG…
  • Deploying and running SSL VPN on MacOS with split tunnel huge PITA?

    We are currently in the process of upgrading our SG to an XG and because of that have to deploy new SSL VPN configs to all our clients. In the past we used Tunnelblick as our OpenVPN client of choice, but there is one major issue, in order to import…
  • How to share port TCP 443 for WAF and SSL VPN?

    Hi everyone, I see a lot comments at this forum where I can see, that sharing Port 443 TCP for WAF and SSL VPN is working. The documentation says, that it is not possible: https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp…
  • unable to access lan resources from vpn

    Tried all searched the whole forum but unsuccessful pls help. regards
  • Remote Access SSL VPN XG19 — IPv6 only OpenVPN Client can ping but not access internal resources

    Connecting from an Android Mobile via IPv6 only carrier (Telstra) network (single stack) to Sophos XG19 via SSL VPN seems to create some strange issues. The Sophos XG firewall has a single IPv4 gateway address that the client connects too without any…
  • SOPHOS SSL VPN with different domains AD Controllers

    Hi; We have a large server farm behind sophos firewall. There are different domain name AD servers available. I can authenticate users over ADs with these different domains. I can also use AD authentication on SSL VPN connections. No problem till this…
  • Make SSL VPN faster

    Hi Sophox XGS 136 1 GBit/s Network Connection Firewall Network 100 MBit/s @ my home Speedtest from my home pc: ping 8, jitter 0, download 97.9 Mbps, upload 112.6 Mbps Speedtest from server: ping 2, jitter 1, download 939.8 Mbps, upload 946…
  • SSL tunnel no internet access

    Hello, We would need a specific user to connect SSL tunnel client and access internet troughtout the sophos so that he can have the public Ip from the company. I've created an SSL VPN and set the tunnel access as "Use as default gateway", created…
  • SSL VPN Auto connect

    After setting up the auto connect on a windows 10 machine I receive access to c:\program files (x86)\sophos\connect was denied. I have tried running with admin rights and get the same error. Can someone provide a resolution to this?
  • SSL-VPN switch from TCP to UDP

    Hi folks, we are currently in the rollout of SSL-VPN Configurations and noticed performance issues at users which are using LTE Internet connections with latency. So we want to improve performance by switching from tcp to udp at the sophos firewall…
  • Sophos UTM Fernzugriff Statische Fernzugriffs-IP

    Ich hbe Sophos Connect am Laufen. Die verwendetet IP-Adresse kommt hierbei aus dem VPN Pool (SSL). Diesen Addressbereich kann ich nicht verwenden, da sonst eine Software nicht richtig arbeitet. Deshalb habe ich bei dem Benutzer die Statische Fernzugriffs…
  • XGS Firewall DNS Request Route over SSL Site2Site VPN

    Hello everyone. I have 2 XGS Firewalls connected via SSL Site2Site VPN, which works good. I created a DNS Request Route for contoso.com (changed of course to my setup) to go to DC DNS IP in main office. This worked for quite some time, now it does…
  • SNMPTrap VPN SSL real public client ip address

    Hello, We are monitoring VPNSSL for security purpose with snmptraps. It's working, but in the text send in the trap by the sophos firewall, we don't have the real public client ip address. Here is an example : 20230308.100302 UDP: [XXX.XXX.XXX…
  • Time log for SSL VPN connection users.

    I need to extract or download a daily report, of the time and schedule that users are connected to the vpn ssl. You can get traffic per user, but not the time data. If we enter the user file, this data is indeed there. But it has to be entered manually…
  • SSL VPN Static IP address results in route issues.

    Hello there, When i have the static IP Address disabled in my SSL Global Config it works fine, the firewall can reach all the devices connected through VPN. The issue comes when I enable the Static IP Address in SSL VPN Global Config, When I assign…
  • SSL VPN

    Hi !! im having a problem whit my SSL VPN´S, i have my SSL VPN whit the "USE as Default gateway option on" In my NAT rules i Have my SSL VPN doing MASQ to original, and in firewall rules i have permitid the SSL VPN to access my LAN´S and the WAN on…
  • Updated: Connect Sophos SSL VPN profile in Linux Mint (Ubuntu) GUI

    In the past I previously used this guide to use Sophos SSL VPN in Linux (Mint/Ubuntu). Sophos Firewall: Configure SSL VPN client in Ubuntu using OpenVPN However, recently I ran across another solution where you can import and use the VPN using the GUI…
  • SSL VPN from both WAN Sophos XG

    Hi, first of all is it possible to use the internet on both wan ports? Like combine? Secound, would it possible to combine both wan ports for ssl vpn? We have two providers which give use each 50mbit/s uploud, and sometimes we need more for remote…
  • SSL vpn connection reset by gatway

    I am facing problem to conect ssl vpn through windows 10 only two system when i was connection network connected successfully but when i try to surfing internet then....give me error "your conmection reset by "ip address" default gateway i will also scan…
  • SSL VPN with and without radius/mfa

    hello, we need to use both ssl authentication with radius/mfa for admins and no mfa for normal users. ssl authentication servers are radius and AD. when i (admin user) connect to openvpn, i need to use mfa but if i wait without validating mfa, i…
  • Apply policy for VPN Users

    Hello I have sophos xg 210 version 19.5 and i want to block social media for users how use ssl remote access sincerly
  • SSL VPN SOPHOS XG 19.5 Build 197

    Hey Guys, I have followed the guides for creating an SSL-VPN that authenticates through Active Directory. When I have my laptop internal to the network and initiate a VPN connect it works fine. Connection is established. The logs show this. However…